diff options
| author | Artur Grabowski <art@cvs.openbsd.org> | 1998-08-12 23:49:06 +0000 |
|---|---|---|
| committer | Artur Grabowski <art@cvs.openbsd.org> | 1998-08-12 23:49:06 +0000 |
| commit | e729fd4f6b58f901dac1dbf9698a873d4537cb96 (patch) | |
| tree | 1464a617fefcbd793db97f8fd3ccf35f0b139a3e /kerberosIV | |
| parent | 105b1bda080e91b3e03dae69ddedbc6379f7998e (diff) | |
libkafs from kth-krb 0.9.9 with ability to use AFSDB records
Diffstat (limited to 'kerberosIV')
| -rw-r--r-- | kerberosIV/include/kerberosIV/kafs.h | 6 | ||||
| -rw-r--r-- | kerberosIV/kafs/Makefile | 6 | ||||
| -rw-r--r-- | kerberosIV/kafs/afssys.c | 8 | ||||
| -rw-r--r-- | kerberosIV/kafs/common.c | 57 | ||||
| -rw-r--r-- | kerberosIV/kafs/shlib_version | 2 |
5 files changed, 48 insertions, 31 deletions
diff --git a/kerberosIV/include/kerberosIV/kafs.h b/kerberosIV/include/kerberosIV/kafs.h index 92165720759..ddc20d1596b 100644 --- a/kerberosIV/include/kerberosIV/kafs.h +++ b/kerberosIV/include/kerberosIV/kafs.h @@ -1,5 +1,5 @@ -/* $OpenBSD: kafs.h,v 1.5 1998/03/24 02:55:14 art Exp $ */ -/* $KTH: kafs.h,v 1.24 1997/10/14 23:00:16 joda Exp $ */ +/* $OpenBSD: kafs.h,v 1.6 1998/08/12 23:49:00 art Exp $ */ +/* $KTH: kafs.h,v 1.28 1998/04/26 18:20:09 joda Exp $ */ /* * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan @@ -152,4 +152,6 @@ krb5_error_code krb5_afslog __P((krb5_context, krb5_ccache, #define _PATH_ARLA_CELLSERVDB _PATH_ARLA_VICE "CellServDB" #define _PATH_ARLA_THESECELLS _PATH_ARLA_VICE "TheseCells" +extern int _kafs_debug; + #endif /* __KAFS_H */ diff --git a/kerberosIV/kafs/Makefile b/kerberosIV/kafs/Makefile index 7a87b57e248..fce4e7b1546 100644 --- a/kerberosIV/kafs/Makefile +++ b/kerberosIV/kafs/Makefile @@ -1,8 +1,10 @@ -# $Id: Makefile,v 1.3 1998/03/12 17:46:26 art Exp $ +# $Id: Makefile,v 1.4 1998/08/12 23:49:01 art Exp $ LIB= kafs -CFLAGS+=-I${.CURDIR} +CFLAGS+=-I${.CURDIR} -I${.CURDIR}/../roken SRCS= afskrb.c afssys.c common.c +.PATH: ${.CURDIR}/../roken +SRCS+= resolve.c .include <bsd.own.mk> # for AFS diff --git a/kerberosIV/kafs/afssys.c b/kerberosIV/kafs/afssys.c index 168e467ad10..e34e65584c3 100644 --- a/kerberosIV/kafs/afssys.c +++ b/kerberosIV/kafs/afssys.c @@ -1,8 +1,8 @@ -/* $OpenBSD: afssys.c,v 1.4 1997/12/12 11:46:31 art Exp $ */ -/* $KTH: afssys.c,v 1.53 1997/05/04 02:30:41 assar Exp $ */ +/* $OpenBSD: afssys.c,v 1.5 1998/08/12 23:49:02 art Exp $ */ +/* $KTH: afssys.c,v 1.57 1998/05/09 17:19:03 joda Exp $ */ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -41,6 +41,8 @@ #include "kafs_locl.h" +int _kafs_debug; + #define NO_ENTRY_POINT 0 #define SINGLE_ENTRY_POINT 1 #define MULTIPLE_ENTRY_POINT 2 diff --git a/kerberosIV/kafs/common.c b/kerberosIV/kafs/common.c index 804bb4f027e..b294f1aa594 100644 --- a/kerberosIV/kafs/common.c +++ b/kerberosIV/kafs/common.c @@ -1,8 +1,8 @@ -/* $OpenBSD: common.c,v 1.4 1998/03/24 03:05:50 art Exp $ */ -/* $KTH: common.c,v 1.3 1997/11/03 20:35:24 bg Exp $ */ +/* $OpenBSD: common.c,v 1.5 1998/08/12 23:49:04 art Exp $ */ +/* $KTH: common.c,v 1.10 1998/04/04 13:08:31 assar Exp $ */ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -40,6 +40,7 @@ */ #include "kafs_locl.h" +#include <resolve.h> #define AUTH_SUPERUSER "afs" @@ -76,14 +77,31 @@ kafs_settoken(const char *cell, uid_t uid, CREDENTIALS *c) */ ct.AuthHandle = c->kvno; memcpy (ct.HandShakeKey, c->session, sizeof(c->session)); - ct.ViceId = uid; /* is this always valid? */ - ct.BeginTimestamp = 1 + c->issue_date; + ct.ViceId = uid; + ct.BeginTimestamp = c->issue_date; ct.EndTimestamp = krb_life_to_time(c->issue_date, c->lifetime); + if(ct.EndTimestamp < time(NULL)) + return 0; /* don't store tokens that has expired (and possibly + overwriting valid tokens)*/ #define ODD(x) ((x) & 1) - /* If we don't know the numerical ID lifetime should be even? */ - if (uid == 0 && ODD(ct.EndTimestamp - ct.BeginTimestamp)) - ct.BeginTimestamp--; + /* According to Transarc conventions ViceId is valid iff + * (EndTimestamp - BeginTimestamp) is odd. By decrementing EndTime + * the transformations: + * + * (issue_date, life) -> (StartTime, EndTime) -> (issue_date, life) + * preserves the original values. + */ + if (uid != 0) /* valid ViceId */ + { + if (!ODD(ct.EndTimestamp - ct.BeginTimestamp)) + ct.EndTimestamp--; + } + else /* not valid ViceId */ + { + if (ODD(ct.EndTimestamp - ct.BeginTimestamp)) + ct.EndTimestamp--; + } t = buf; /* @@ -127,11 +145,10 @@ kafs_settoken(const char *cell, uid_t uid, CREDENTIALS *c) return ret; } -#if 0 /* Try to get a db-server for an AFS cell from a AFSDB record */ static int -dns_find_cell(const char *cell, char *dbserver) +dns_find_cell(const char *cell, char *dbserver, size_t len) { struct dns_reply *r; int ok = -1; @@ -140,8 +157,8 @@ dns_find_cell(const char *cell, char *dbserver) struct resource_record *rr = r->head; while(rr){ if(rr->type == T_AFSDB && rr->u.afsdb->preference == 1){ - strncpy(dbserver, rr->u.afsdb->domain, MAXHOSTNAMELEN); - dbserver[MaxHostNameLen - 1] = 0; + strncpy(dbserver, rr->u.afsdb->domain, len); + dbserver[len - 1] = '\0'; ok = 0; break; } @@ -151,7 +168,6 @@ dns_find_cell(const char *cell, char *dbserver) } return ok; } -#endif /* @@ -266,21 +282,17 @@ realm_of_cell(kafs_data *data, const char *cell, char **realm) break; /* No '#', give up */ p++; if (buf[strlen(buf) - 1] == '\n') - buf[strlen(buf) - 1] = 0; + buf[strlen(buf) - 1] = '\0'; *realm = (*data->get_realm)(data, p); - if (*realm && **realm != 0) + if (*realm && **realm != '\0') ret = 0; break; /* Won't try any more */ } } fclose(F); } -#if 0 - if (realm == NULL) { - if (dns_find_cell(cell, buf) == 0) - realm = krb_realmofhost(buf); - } -#endif + if (*realm == NULL && dns_find_cell(cell, buf, sizeof(buf)) == 0) + *realm = strdup(krb_realmofhost(buf)); return ret; } @@ -341,11 +353,10 @@ _kafs_get_cred(kafs_data *data, if (ret) ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", vl_realm, c); free(vl_realm); - vl_realm = NULL; if (ret == 0) return 0; } - if (lrealm != NULL) + if (lrealm) ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, lrealm, c); return ret; } diff --git a/kerberosIV/kafs/shlib_version b/kerberosIV/kafs/shlib_version index 3066b9771e7..900b4048a96 100644 --- a/kerberosIV/kafs/shlib_version +++ b/kerberosIV/kafs/shlib_version @@ -1,2 +1,2 @@ major=5 -minor=0 +minor=1 |