1 files changed, 180 insertions, 0 deletions
diff --git a/crypto/kerberosIV/lib/krb/kntoln.c b/crypto/kerberosIV/lib/krb/kntoln.c
new file mode 100644
index 0000000..88b8b25
--- /dev/null
+++ b/crypto/kerberosIV/lib/krb/kntoln.c
@@ -0,0 +1,180 @@
+/* 
+  Copyright (C) 1989 by the Massachusetts Institute of Technology
+
+   Export of this software from the United States of America is assumed
+   to require a specific license from the United States Government.
+   It is the responsibility of any person or organization contemplating
+   export to obtain such a license before exporting.
+
+WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+distribute this software and its documentation for any purpose and
+without fee is hereby granted, provided that the above copyright
+notice appear in all copies and that both that copyright notice and
+this permission notice appear in supporting documentation, and that
+the name of M.I.T. not be used in advertising or publicity pertaining
+to distribution of the software without specific, written prior
+permission.  M.I.T. makes no representations about the suitability of
+this software for any purpose.  It is provided "as is" without express
+or implied warranty.
+
+  */
+
+/*
+ * krb_kntoln converts an auth name into a local name by looking up
+ * the auth name in the /etc/aname file.  The format of the aname
+ * file is:
+ *
+ * +-----+-----+-----+-----+------+----------+-------+-------+
+ * | anl | inl | rll | lnl | name | instance | realm | lname |
+ * +-----+-----+-----+-----+------+----------+-------+-------+
+ * | 1by | 1by | 1by | 1by | name | instance | realm | lname |
+ * +-----+-----+-----+-----+------+----------+-------+-------+
+ *
+ * If the /etc/aname file can not be opened it will set the
+ * local name to the auth name.  Thus, in this case it performs as
+ * the identity function.
+ *
+ * The name instance and realm are passed to krb_kntoln through
+ * the AUTH_DAT structure (ad).
+ *
+ * Now here's what it *really* does:
+ *
+ * Given a Kerberos name in an AUTH_DAT structure, check that the
+ * instance is null, and that the realm is the same as the local
+ * realm, and return the principal's name in "lname".  Return
+ * KSUCCESS if all goes well, otherwise KFAILURE.
+ */
+
+#include "krb_locl.h"
+
+RCSID("$Id: kntoln.c,v 1.7 1997/03/23 03:53:12 joda Exp $");
+
+int
+krb_kntoln(AUTH_DAT *ad, char *lname)
+{
+    static char lrealm[REALM_SZ] = "";
+
+    if (!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE))
+        return(KFAILURE);
+
+    if (strcmp(ad->pinst, ""))
+        return(KFAILURE);
+    if (strcmp(ad->prealm, lrealm))
+        return(KFAILURE);
+    strcpy(lname, ad->pname);
+    return(KSUCCESS);
+}
+
+#if 0
+/* Posted to usenet by "Derrick J. Brashear" <shadow+@andrew.cmu.edu> */
+
+#include <krb.h>
+#include <ndbm.h>
+#include <stdio.h>
+#include <sys/file.h>
+#include <strings.h>
+#include <sys/syslog.h>
+#include <sys/errno.h>
+
+extern int errno;
+/*
+ * antoln converts an authentication name into a local name by looking up
+ * the authentication name in the /etc/aname dbm database.
+ * 
+ * If the /etc/aname file can not be opened it will set the 
+ * local name to the principal name.  Thus, in this case it performs as 
+ * the identity function.
+ * 
+ * The name instance and realm are passed to antoln through
+ * the AUTH_DAT structure (ad).
+ */
+
+static char     lrealm[REALM_SZ] = "";
+
+an_to_ln(ad,lname)
+AUTH_DAT        *ad;
+char            *lname;
+{
+        static DBM *aname = NULL;
+        char keyname[ANAME_SZ+INST_SZ+REALM_SZ+2];
+
+        if(!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE))
+                return(KFAILURE);
+
+        if((strcmp(ad->pinst,"") && strcmp(ad->pinst,"root")) ||
+strcmp(ad->prealm,lrealm)) {
+                datum val;
+                datum key;
+                /*
+                 * Non-local name (or) non-null and non-root instance.
+                 * Look up in dbm file.
+                 */
+                if (!aname) {
+                        if ((aname = dbm_open("/etc/aname", O_RDONLY, 0))
+                            == NULL) return (KFAILURE);
+                }
+                /* Construct dbm lookup key. */
+                an_to_a(ad, keyname);
+                key.dptr = keyname;
+                key.dsize = strlen(keyname)+1;
+                flock(dbm_dirfno(aname), LOCK_SH);
+                val = dbm_fetch(aname, key);
+                flock(dbm_dirfno(aname), LOCK_UN);
+                if (!val.dptr) {
+                  dbm_close(aname);
+                  return(KFAILURE);
+                }
+                /* Got it! */
+                strcpy(lname,val.dptr);
+                return(KSUCCESS);
+        } else strcpy(lname,ad->pname);
+        return(KSUCCESS);
+}
+
+an_to_a(ad, str)
+        AUTH_DAT *ad;
+        char *str;
+{
+        strcpy(str, ad->pname);
+        if(*ad->pinst) {
+                strcat(str, ".");
+                strcat(str, ad->pinst);
+        }
+        strcat(str, "@");
+        strcat(str, ad->prealm);
+}
+
+/*
+ * Parse a string of the form "user[.instance][@realm]" 
+ * into a struct AUTH_DAT.
+ */
+
+a_to_an(str, ad)
+        AUTH_DAT *ad;
+        char *str;
+{
+        char *buf = (char *)malloc(strlen(str)+1);
+        char *rlm, *inst, *princ;
+
+        if(!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE)) {
+                free(buf);
+                return(KFAILURE);
+        }
+        /* destructive string hacking is more fun.. */
+        strcpy(buf, str);
+
+        if (rlm = index(buf, '@')) {
+                *rlm++ = '\0';
+        }
+        if (inst = index(buf, '.')) {
+                *inst++ = '\0';
+        }
+        strcpy(ad->pname, buf);
+        if(inst) strcpy(ad->pinst, inst);
+        else *ad->pinst = '\0';
+        if (rlm) strcpy(ad->prealm, rlm);
+        else strcpy(ad->prealm, lrealm);
+        free(buf);
+        return(KSUCCESS);
+}
+#endif