kauth-prototypes-20090315

LICENSE IPL10
FIXES 124257

prototype the kauth directory
Simon Wilkinson 2009-03-16 02:35:29 +00:00 committed by Derrick Brashear
parent 12a60258f5
commit 2e4326e20e
11 changed files with 348 additions and 459 deletions


@ -61,8 +61,7 @@ struct sockaddr_in *servers;
void
perrorexit(str)
char *str;
perrorexit(char *str)
{
perror(str);
exit(1);
@ -70,9 +69,7 @@ char *str;
void
setup_servers(argc, argv)
int argc;
char **argv;
setup_servers(int argc, char **argv)
{
int i;
u_int fwdaddr;
@ -127,8 +124,7 @@ char **argv;
int
setup_socket(port)
u_short port;
setup_socket(u_short port)
{
int s, rv;
struct sockaddr_in sin;
@ -150,8 +146,7 @@ u_short port;
int
packet_is_reply(from)
struct sockaddr_in *from;
packet_is_reply(struct sockaddr_in *from)
{
int i;
@ -170,9 +165,7 @@ struct sockaddr_in *from;
int
main(argc, argv)
int argc;
char **argv;
main(int argc, char **argv)
{
int c, s, rv;
u_short port;
@ -214,7 +207,7 @@ char **argv;
for (;;) {
char buf[BUFFER_SIZE], *bufp, *sendptr;
struct sockaddr_in from, reply, *to;
int fromlen, sendlen;
size_t fromlen, sendlen;
bufp = buf + 8;
fromlen = sizeof(from);
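Review bot: `size_t` looks like the wrong type for `fromlen` and `sendlen` in the last hunk of this file. The lines that use them are outside the hunk, but `fromlen = sizeof(from);` suggests it is the address-length argument of a receive call, which takes a `socklen_t *`; on LP64 platforms `size_t` is eight bytes, so passing its address is an incompatible pointer and only part of the object would be written. If `sendlen` holds the return value of that call, an unsigned type can never compare below zero, so a failed read would look like a very large length to the code that forwards the buffer. I would declare them as `socklen_t fromlen;` and `ssize_t sendlen;` unless the rest of the loop needs otherwise.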


@ -34,12 +34,10 @@ extern Date cheaderReadTime; /* time cheader last read in */
#define inc_header_word(tt,field) kawrite ((tt), ((char *)&(cheader.field) - (char *)&cheader), ((cheader.field = (htonl(ntohl(cheader.field)+1))), (char *)&(cheader.field)), sizeof(afs_int32))
static int index_OK();
static int index_OK(afs_int32);
afs_int32
NameHash(aname, ainstance)
register char *aname;
register char *ainstance;
NameHash(register char *aname, register char *ainstance)
{
register unsigned int hash;
register int i;
@ -56,11 +54,7 @@ NameHash(aname, ainstance)
/* package up seek and write into one procedure for ease of use */
afs_int32
kawrite(tt, pos, buff, len)
struct ubik_trans *tt;
afs_int32 pos;
char *buff;
afs_int32 len;
kawrite(struct ubik_trans *tt, afs_int32 pos, char *buff, afs_int32 len)
{
afs_int32 code;
@ -74,11 +68,7 @@ kawrite(tt, pos, buff, len)
/* same thing for read */
afs_int32
karead(tt, pos, buff, len)
struct ubik_trans *tt;
afs_int32 pos;
char *buff;
afs_int32 len;
karead(struct ubik_trans *tt, afs_int32 pos, char *buff, afs_int32 len)
{
afs_int32 code;
@ -108,8 +98,7 @@ static afs_int32 maxKeyLifetime;
static int dbfixup = 0;
void
init_kadatabase(initFlags)
int initFlags; /* same as init_kaprocs (see which) */
init_kadatabase(int initFlags)
{
Lock_Init(&cheader_lock);
Lock_Init(&keycache_lock);
@ -131,9 +120,8 @@ init_kadatabase(initFlags)
manner, to avoid bogusly reinitializing the db. */
afs_int32
CheckInit(at, db_init)
struct ubik_trans *at;
int (*db_init) (); /* procedure to call if rebuilding DB */
CheckInit(struct ubik_trans *at,
int (*db_init) (struct ubik_trans *)) /* procedure to call if rebuilding DB */
{
register afs_int32 code;
afs_int32 iversion;
@ -208,9 +196,7 @@ CheckInit(at, db_init)
zeroed entry. If zero is returned, a Ubik I/O error can be assumed. */
afs_int32
AllocBlock(at, tentry)
register struct ubik_trans *at;
struct kaentry *tentry;
AllocBlock(struct ubik_trans *at, struct kaentry *tentry)
{
register afs_int32 code;
afs_int32 temp;
@ -241,9 +227,7 @@ AllocBlock(at, tentry)
Returns zero for success or an error code on failure. */
afs_int32
FreeBlock(at, index)
struct ubik_trans *at;
afs_int32 index;
FreeBlock(struct ubik_trans *at, afs_int32 index)
{
struct kaentry tentry;
int code;
@ -274,12 +258,8 @@ FreeBlock(at, index)
returned. */
afs_int32
FindBlock(at, aname, ainstance, toP, tentry)
struct ubik_trans *at;
char *aname;
char *ainstance;
afs_int32 *toP;
struct kaentry *tentry;
FindBlock(struct ubik_trans *at, char *aname, char *ainstance, afs_int32 *toP,
struct kaentry *tentry)
{
register afs_int32 i, code;
register afs_int32 to;
@ -308,10 +288,8 @@ FindBlock(at, aname, ainstance, toP, tentry)
returns zero if there were no errors. */
afs_int32
ThreadBlock(at, index, tentry)
struct ubik_trans *at;
afs_int32 index;
struct kaentry *tentry;
ThreadBlock(struct ubik_trans *at, afs_int32 index,
struct kaentry *tentry)
{
int code;
int hi; /* hash index */
@ -333,9 +311,7 @@ ThreadBlock(at, index, tentry)
error code. */
afs_int32
UnthreadBlock(at, aentry)
struct ubik_trans *at;
struct kaentry *aentry;
UnthreadBlock(struct ubik_trans *at, struct kaentry *aentry)
{
register afs_int32 i, code;
register afs_int32 to;
@ -381,11 +357,8 @@ UnthreadBlock(at, aentry)
remaining count is negative. */
afs_int32
NextBlock(at, index, tentry, remaining)
struct ubik_trans *at;
afs_int32 index;
struct kaentry *tentry;
afs_int32 *remaining;
NextBlock(struct ubik_trans *at, afs_int32 index, struct kaentry *tentry,
afs_int32 *remaining)
{
int code;
afs_int32 last;
@ -421,11 +394,8 @@ NextBlock(at, index, tentry, remaining)
and pointer to the user entry. */
afs_int32
ka_NewKey(tt, tentryaddr, tentry, key)
struct ubik_trans *tt;
afs_int32 tentryaddr;
struct kaentry *tentry;
struct ktc_encryptionKey *key;
ka_NewKey(struct ubik_trans *tt, afs_int32 tentryaddr,
struct kaentry *tentry, struct ktc_encryptionKey *key)
{
struct kaOldKeys okeys; /* old keys block */
afs_int32 okeysaddr, nextaddr; /* offset of old keys block */
@ -598,16 +568,13 @@ ka_NewKey(tt, tentryaddr, tentry, key)
}
afs_int32
ka_DelKey(tt, tentryaddr, tentry)
struct ubik_trans *tt;
afs_int32 tentryaddr;
struct kaentry *tentry;
ka_DelKey(struct ubik_trans *tt, afs_int32 tentryaddr,
struct kaentry *tentry)
{
int code;
struct kaOldKeys okeys; /* old keys block */
afs_int32 okeysaddr, nextaddr; /* offset of old keys block */
afs_int32 prevptr = 0;
Date now = time(0);
es_Report("DelKey for %s.%s\n", tentry->userID.name,
tentry->userID.instance);
@ -659,8 +626,7 @@ ka_DelKey(tt, tentryaddr, tentry)
}
void
ka_debugKeyCache(info)
struct ka_debugInfo *info;
ka_debugKeyCache(struct ka_debugInfo *info)
{
int i;
@ -704,12 +670,8 @@ ka_debugKeyCache(info)
/* Add a key to the key cache, expanding it if necessary. */
void
ka_Encache(name, inst, kvno, key, superseded)
char *name;
char *inst;
afs_int32 kvno;
struct ktc_encryptionKey *key;
Date superseded;
ka_Encache(char *name, char *inst, afs_int32 kvno,
struct ktc_encryptionKey *key, Date superseded)
{
int i;
@ -757,12 +719,8 @@ ka_Encache(name, inst, kvno, key, superseded)
with tt==0, since Rx can't call Ubik. */
afs_int32
ka_LookupKvno(tt, name, inst, kvno, key)
struct ubik_trans *tt;
char *name;
char *inst;
afs_int32 kvno;
struct ktc_encryptionKey *key;
ka_LookupKvno(struct ubik_trans *tt, char *name, char *inst, afs_int32 kvno,
struct ktc_encryptionKey *key)
{
int i;
int code = 0;
@ -826,12 +784,11 @@ ka_LookupKvno(tt, name, inst, kvno, key)
/* Look up the primary key and key version for a principal. */
afs_int32
ka_LookupKey(tt, name, inst, kvno, key)
struct ubik_trans *tt;
char *name;
char *inst;
afs_int32 *kvno; /* returned */
struct ktc_encryptionKey *key; /* copied out */
ka_LookupKey(struct ubik_trans *tt,
char *name,
char *inst,
afs_int32 *kvno, /* returned */
struct ktc_encryptionKey *key) /* copied out */
{
int i;
afs_int32 to;
@ -878,8 +835,7 @@ ka_LookupKey(tt, name, inst, kvno, key)
Ubik needs to use Rx. */
afs_int32
ka_FillKeyCache(tt)
struct ubik_trans *tt;
ka_FillKeyCache(struct ubik_trans *tt)
{
int nfound;
afs_int32 ko;
@ -921,9 +877,7 @@ ka_FillKeyCache(tt)
}
afs_int32
update_admin_count(tt, delta)
struct ubik_trans *tt;
int delta;
update_admin_count(struct ubik_trans *tt, int delta)
{
afs_int32 to;
afs_int32 code;
@ -938,8 +892,7 @@ update_admin_count(tt, delta)
}
static int
index_OK(index)
afs_int32 index;
index_OK(afs_int32 index)
{
if ((index < sizeof(cheader)) || (index >= ntohl(cheader.eofPtr))
|| ((index - sizeof(cheader)) % sizeof(kaentry) != 0))
@ -950,9 +903,7 @@ index_OK(index)
#define LEGALCHARS ".ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"
int
name_instance_legal(name, instance)
char *name;
char *instance;
name_instance_legal(char *name, char *instance)
{
int code;
@ -971,10 +922,9 @@ name_instance_legal(name, instance)
return code;
}
#if 0
static int
string_legal(str, map)
char *str;
char *map;
string_legal(char *str, char *map)
{
int slen;
@ -983,3 +933,5 @@ string_legal(str, map)
return 0; /* with trailing null must fit in data base */
return (slen == strspn(str, map)); /* strspn returns length(str) if all chars in map */
}
#endif
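Review bot: `kawrite` and `karead` are now prototyped with `char *buff`, but call sites elsewhere in this commit pass `&tentry` and `&caller`, which appear to be structures, as in `karead(tt, caller, &tentry, sizeof(tentry))`. Once the prototype is visible at those call sites (presumably through the new internal header, which is not shown), that is an incompatible pointer conversion rather than an unchecked old-style call, so each caller either warns or needs a cast. The bodies are outside the hunks, but the comment "package up seek and write" suggests the buffer is treated as opaque bytes of length `len`, so I would declare the parameter as `void *buff` in both, for example `karead(struct ubik_trans *tt, afs_int32 pos, void *buff, afs_int32 len)`.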


@ -90,7 +90,7 @@ ka_LocalCell(void)
conf = afs_cdir;
strcpy(cell_name, afs_LclCellName);
#else /* UKERNEL */
if (conf = afsconf_Open(AFSDIR_CLIENT_ETC_DIRPATH)) {
if ((conf = afsconf_Open(AFSDIR_CLIENT_ETC_DIRPATH))) {
code = afsconf_GetLocalCell(conf, cell_name, sizeof(cell_name));
/* leave conf open so we can lookup other cells */
/* afsconf_Close (conf); */
@ -147,7 +147,7 @@ ka_ExpandCell(char *cell, char *fullCell, int *alocal)
int
ka_CellToRealm(char *cell, char *realm, int *local)
{
int code;
int code = 0;
LOCK_GLOBAL_MUTEX;
code = ka_ExpandCell(cell, realm, local);
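Review bot: The UKERNEL branch shown in the first hunk still fills `cell_name` with `strcpy(cell_name, afs_LclCellName);` and no length check, while the other branch passes `sizeof(cell_name)` to `afsconf_GetLocalCell`. Whether `afs_LclCellName` can exceed the buffer is not visible here, but a bounded copy would make the two branches agree: `strncpy(cell_name, afs_LclCellName, sizeof(cell_name) - 1); cell_name[sizeof(cell_name) - 1] = '\0';`. In the second hunk, `int code = 0;` is overwritten by `code = ka_ExpandCell(cell, realm, local);` before it is read, so the initializer only silences a warning. Both function bodies continue outside the hunks.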


@ -38,6 +38,7 @@ RCSID
#endif
#include <string.h>
#include <des.h>
#include <des_prototypes.h>
#include <afs/cellconfig.h>
#include <afs/auth.h>
#include <afs/com_err.h>
@ -45,6 +46,7 @@ RCSID
#include "kaserver.h"
#include "kalog.h"
#include "kaport.h"
#include "kauth_internal.h"
#include "afs/audit.h"
extern struct ubik_dbase *KA_dbase;
@ -52,10 +54,30 @@ struct kaheader cheader;
Date cheaderReadTime; /* time cheader last read in */
extern struct afsconf_dir *KA_conf; /* for getting cell info */
afs_int32 kamCreateUser(), ChangePassWord(), kamSetPassword(), kamSetFields(),
kamDeleteUser();
afs_int32 kamGetEntry(), kamListEntry(), kamGetStats(), kamGetPassword(),
kamGetRandomKey(), kamDebug();
afs_int32 kamCreateUser(struct rx_call *call, char *aname, char *ainstance,
EncryptionKey ainitpw);
afs_int32 ChangePassWord(struct rx_call *call, char *aname, char *ainstance,
ka_CBS *arequest, ka_BBS *oanswer);
afs_int32 kamSetPassword(struct rx_call *call, char *aname, char *ainstance,
afs_int32 akvno, EncryptionKey apassword);
afs_int32 kamSetFields(struct rx_call *call, char *aname, char *ainstance,
afs_int32 aflags, Date aexpiration,
afs_int32 alifetime, afs_int32 amaxAssociates,
afs_uint32 misc_auth_bytes, afs_int32 spare2);
afs_int32 kamDeleteUser(struct rx_call *call, char *aname, char *ainstance);
afs_int32 kamGetEntry(struct rx_call *call, char *aname, char *ainstance,
afs_int32 aversion, kaentryinfo *aentry);
afs_int32 kamListEntry(struct rx_call *call, afs_int32 previous_index,
afs_int32 *index, afs_int32 *count, kaident *name);
afs_int32 kamGetStats(struct rx_call *call, afs_int32 version,
afs_int32 *admin_accounts, kasstats *statics,
kadstats *dynamics);
afs_int32 kamGetPassword(struct rx_call *call, char *name,
EncryptionKey *password);
afs_int32 kamGetRandomKey(struct rx_call *call, EncryptionKey *key);
afs_int32 kamDebug(struct rx_call *call, afs_int32 version,
int checkDB, struct ka_debugInfo *info);
char lrealm[MAXKTCREALMLEN];
#ifndef EXPIREPW /* password expiration default yes */
@ -74,10 +96,17 @@ extern int npwSums;
static afs_int32 autoCPWInterval;
static afs_int32 autoCPWUpdates;
static afs_int32 set_password(); /* forward */
extern afs_int32 InitAuthServ(); /* forward */
static afs_int32 impose_reuse_limits(); /* forward */
static int create_user(); /* forward */
static afs_int32 set_password(struct ubik_trans *tt, char *name,
char *instance, EncryptionKey *password,
afs_int32 kvno, afs_int32 caller);
extern afs_int32 InitAuthServ(struct ubik_trans **tt, int lock,
int *this_op);
static afs_int32 impose_reuse_limits(EncryptionKey *password,
struct kaentry *tentry);
static int create_user(struct ubik_trans *tt, char *name, char *instance,
EncryptionKey *key, afs_int32 caller,
afs_int32 flags);
/* This routine is called whenever an RPC interface needs the time. It uses
the current time to randomize a 128 bit value that is used to change the
@ -93,10 +122,9 @@ static afs_int32 totalUpdates = 0;
ptr should be zero and the return code need not be checked. */
static afs_int32
get_time(timeP, tt, admin)
Date *timeP;
struct ubik_trans *tt; /* tt != 0: a write transaction */
int admin; /* the caller is an admin user */
get_time(Date *timeP,
struct ubik_trans *tt, /* tt != 0: a write transaction */
int admin) /* the caller is an admin user */
{
/* random value used to change Admin & TGS keys, this is at risk during
* multi-threaded operation, but I think the consequences are fairly
@ -204,13 +232,12 @@ static int kaprocsInited = 0;
/* This variable is protected by the kaprocsInited flag. */
static int (*rebuildDatabase) ();
static int (*rebuildDatabase) (struct ubik_trans *);
/* This is called to initialize the database */
static int
initialize_database(tt)
struct ubik_trans *tt;
initialize_database(struct ubik_trans *tt)
{
struct ktc_encryptionKey key;
int code;
@ -235,9 +262,7 @@ initialize_database(tt)
parameter passes some information about the command line arguments. */
afs_int32
init_kaprocs(lclpath, initFlags)
char *lclpath;
int initFlags;
init_kaprocs(char *lclpath, int initFlags)
{
int code;
struct ubik_trans *tt;
@ -277,7 +302,7 @@ init_kaprocs(lclpath, initFlags)
init_kadatabase(initFlags);
rebuildDatabase = initialize_database;
if (code = InitAuthServ(&tt, LOCKREAD, 0)) {
if ((code = InitAuthServ(&tt, LOCKREAD, 0))) {
printf("init_kaprocs: InitAuthServ failed: code = %d\n", code);
return code;
}
@ -317,8 +342,7 @@ static char tgsPrincipal[256];
static char tgsServerPrincipal[256];
void
save_principal(p, n, i, c)
char *p, *n, *i, *c;
save_principal(char *p, char *n, char *i, char *c)
{
int s = 255;
int l;
@ -350,11 +374,10 @@ save_principal(p, n, i, c)
}
static afs_int32
check_auth(call, at, admin, acaller_id)
struct rx_call *call;
struct ubik_trans *at;
int admin; /* require caller to be ADMIN */
afs_int32 *acaller_id;
check_auth(struct rx_call *call,
struct ubik_trans *at,
int admin, /* require caller to be ADMIN */
afs_int32 *acaller_id)
{
rxkad_level level;
char name[MAXKTCNAMELEN];
@ -443,7 +466,7 @@ check_auth(call, at, admin, acaller_id)
}
afs_int32
AwaitInitialization()
AwaitInitialization(void)
{
afs_int32 start = 0;
while (!kaprocsInited) {
@ -460,10 +483,9 @@ AwaitInitialization()
the database header into core */
afs_int32
InitAuthServ(tt, lock, this_op)
struct ubik_trans **tt;
int lock; /* indicate read/write transaction */
int *this_op; /* opcode of RPC proc, for COUNT_ABO */
InitAuthServ(struct ubik_trans **tt,
int lock, /* indicate read/write transaction */
int *this_op) /* opcode of RPC proc, for COUNT_ABO */
{
int code;
afs_int32 start = 0; /* time started waiting for quorum */
@ -471,7 +493,7 @@ InitAuthServ(tt, lock, this_op)
/* Wait for server initialization to finish if not during init_kaprocs */
if (this_op)
if (code = AwaitInitialization())
if ((code = AwaitInitialization()))
return code;
for (code = UNOQUORUM; code == UNOQUORUM;) {
@ -500,7 +522,7 @@ InitAuthServ(tt, lock, this_op)
}
if (code)
return code;
if (code = ubik_SetLock(*tt, 1, 1, lock)) {
if ((code = ubik_SetLock(*tt, 1, 1, lock))) {
if (this_op)
COUNT_ABO;
ubik_AbortTrans(*tt);
@ -518,16 +540,16 @@ InitAuthServ(tt, lock, this_op)
* in CheckInit before nuking the database. Since this may now get
* a UNOQUORUM we'll just do this from the top.
*/
if (code = InitAuthServ(tt, LOCKWRITE, this_op))
if ((code = InitAuthServ(tt, LOCKWRITE, this_op)))
return code;
if (code = ubik_EndTrans(*tt))
if ((code = ubik_EndTrans(*tt)))
return code;
/* now open the read transaction that was originally requested. */
return InitAuthServ(tt, lock, this_op);
}
} else {
if (code = CheckInit(*tt, rebuildDatabase)) {
if ((code = CheckInit(*tt, rebuildDatabase))) {
if (this_op)
COUNT_ABO;
ubik_AbortTrans(*tt);
@ -542,22 +564,16 @@ InitAuthServ(tt, lock, this_op)
/* returns true if name is specially known by AuthServer */
static int
special_name(name, instance)
char *name;
char *instance;
special_name(char *name, char *instance)
{
return ((!strcmp(name, KA_TGS_NAME) && !strcmp(instance, lrealm))
|| (strcmp(name, KA_ADMIN_NAME) == 0));
}
static int
create_user(tt, name, instance, key, caller, flags)
struct ubik_trans *tt;
char *name;
char *instance;
EncryptionKey *key;
afs_int32 caller;
afs_int32 flags;
create_user(struct ubik_trans *tt, char *name, char *instance,
EncryptionKey *key, afs_int32 caller, afs_int32 flags)
{
register int code;
afs_int32 to;
@ -581,7 +597,7 @@ create_user(tt, name, instance, key, caller, flags)
if (special_name(name, instance)) { /* this overrides key & version */
tentry.flags = htonl(ntohl(tentry.flags) | KAFSPECIAL);
tentry.key_version = htonl(-1); /* don't save this key */
if (code = ka_NewKey(tt, to, &tentry, key))
if ((code = ka_NewKey(tt, to, &tentry, key)))
return code;
} else {
memcpy(&tentry.key, key, sizeof(tentry.key));
@ -614,11 +630,8 @@ create_user(tt, name, instance, key, caller, flags)
/* Put actual stub routines here */
afs_int32
SKAM_CreateUser(call, aname, ainstance, ainitpw)
struct rx_call *call;
char *aname;
char *ainstance;
EncryptionKey ainitpw;
SKAM_CreateUser(struct rx_call *call, char *aname, char *ainstance,
EncryptionKey ainitpw)
{
afs_int32 code;
@ -630,11 +643,8 @@ SKAM_CreateUser(call, aname, ainstance, ainitpw)
afs_int32
kamCreateUser(call, aname, ainstance, ainitpw)
struct rx_call *call;
char *aname;
char *ainstance;
EncryptionKey ainitpw;
kamCreateUser(struct rx_call *call, char *aname, char *ainstance,
EncryptionKey ainitpw)
{
register int code;
struct ubik_trans *tt;
@ -645,7 +655,7 @@ kamCreateUser(call, aname, ainstance, ainitpw)
return KABADKEY;
if (!name_instance_legal(aname, ainstance))
return KABADNAME;
if (code = InitAuthServ(&tt, LOCKWRITE, this_op))
if ((code = InitAuthServ(&tt, LOCKWRITE, this_op)))
return code;
code = check_auth(call, tt, 1, &caller);
if (code) {
@ -666,12 +676,8 @@ kamCreateUser(call, aname, ainstance, ainitpw)
}
afs_int32
SKAA_ChangePassword(call, aname, ainstance, arequest, oanswer)
struct rx_call *call;
char *aname;
char *ainstance;
ka_CBS *arequest;
ka_BBS *oanswer;
SKAA_ChangePassword(struct rx_call *call, char *aname, char *ainstance,
ka_CBS *arequest, ka_BBS *oanswer)
{
afs_int32 code;
@ -682,12 +688,8 @@ SKAA_ChangePassword(call, aname, ainstance, arequest, oanswer)
}
afs_int32
ChangePassWord(call, aname, ainstance, arequest, oanswer)
struct rx_call *call;
char *aname;
char *ainstance;
ka_CBS *arequest;
ka_BBS *oanswer;
ChangePassWord(struct rx_call *call, char *aname, char *ainstance,
ka_CBS *arequest, ka_BBS *oanswer)
{
register int code;
struct ubik_trans *tt;
@ -705,7 +707,7 @@ ChangePassWord(call, aname, ainstance, arequest, oanswer)
return KABADNAME;
if (strcmp(ainstance, KA_ADMIN_NAME) == 0)
return KABADNAME;
if (code = InitAuthServ(&tt, LOCKWRITE, this_op))
if ((code = InitAuthServ(&tt, LOCKWRITE, this_op)))
return code;
code = FindBlock(tt, aname, ainstance, &to, &tentry);
@ -722,7 +724,7 @@ ChangePassWord(call, aname, ainstance, arequest, oanswer)
}
/* decrypt request w/ user password */
if (code = des_key_sched(&tentry.key, user_schedule))
if ((code = des_key_sched(&tentry.key, user_schedule)))
es_Report("In KAChangePassword: key_sched returned %d\n", code);
des_pcbc_encrypt(arequest->SeqBody, &request,
min(arequest->SeqLen, sizeof(request)), user_schedule,
@ -785,9 +787,7 @@ ChangePassWord(call, aname, ainstance, arequest, oanswer)
}
static afs_int32
impose_reuse_limits(password, tentry)
EncryptionKey *password;
struct kaentry *tentry;
impose_reuse_limits(EncryptionKey *password, struct kaentry *tentry)
{
int code;
Date now;
@ -823,13 +823,8 @@ impose_reuse_limits(password, tentry)
static afs_int32
set_password(tt, name, instance, password, kvno, caller)
struct ubik_trans *tt;
char *name;
char *instance;
EncryptionKey *password;
afs_int32 kvno;
afs_int32 caller;
set_password(struct ubik_trans *tt, char *name, char *instance,
EncryptionKey *password, afs_int32 kvno, afs_int32 caller)
{
afs_int32 code;
afs_int32 to; /* offset of block */
@ -860,7 +855,7 @@ set_password(tt, name, instance, password, kvno, caller)
if (special_name(name, instance)) { /* set key over rides key_version */
tentry.flags = htonl(ntohl(tentry.flags) | KAFSPECIAL);
if (code = ka_NewKey(tt, to, &tentry, password))
if ((code = ka_NewKey(tt, to, &tentry, password)))
return (code);
} else {
memcpy(&tentry.key, password, sizeof(tentry.key));
@ -893,12 +888,8 @@ set_password(tt, name, instance, password, kvno, caller)
}
afs_int32
SKAM_SetPassword(call, aname, ainstance, akvno, apassword)
struct rx_call *call;
char *aname;
char *ainstance;
afs_int32 akvno;
EncryptionKey apassword;
SKAM_SetPassword(struct rx_call *call, char *aname, char *ainstance,
afs_int32 akvno, EncryptionKey apassword)
{
afs_int32 code;
@ -909,12 +900,8 @@ SKAM_SetPassword(call, aname, ainstance, akvno, apassword)
}
afs_int32
kamSetPassword(call, aname, ainstance, akvno, apassword)
struct rx_call *call;
char *aname;
char *ainstance;
afs_int32 akvno;
EncryptionKey apassword;
kamSetPassword(struct rx_call *call, char *aname, char *ainstance,
afs_int32 akvno, EncryptionKey apassword)
{
register int code;
struct ubik_trans *tt;
@ -929,13 +916,13 @@ kamSetPassword(call, aname, ainstance, akvno, apassword)
if (!name_instance_legal(aname, ainstance))
return KABADNAME;
if (code = InitAuthServ(&tt, LOCKWRITE, this_op))
if ((code = InitAuthServ(&tt, LOCKWRITE, this_op)))
return code;
code = check_auth(call, tt, 0, &caller);
if (code) {
goto abort;
}
if (code = karead(tt, caller, &tentry, sizeof(tentry))) {
if ((code = karead(tt, caller, &tentry, sizeof(tentry)))) {
code = KAIO;
goto abort;
}
@ -969,8 +956,7 @@ kamSetPassword(call, aname, ainstance, akvno, apassword)
}
static Date
CoerseLifetime(start, end)
Date start, end;
CoerseLifetime(Date start, Date end)
{
unsigned char kerberosV4Life;
kerberosV4Life = time_to_life(start, end);
@ -979,13 +965,12 @@ CoerseLifetime(start, end)
}
static afs_int32
GetEndTime(start, reqEnd, expiration, caller, server, endP)
IN Date start; /* start time of ticket */
IN Date reqEnd; /* requested end time */
IN Date expiration; /* authorizing ticket's expiration */
IN struct kaentry *caller;
IN struct kaentry *server;
OUT Date *endP; /* actual end time */
GetEndTime(Date start, /* start time of ticket */
Date reqEnd, /* requested end time */
Date expiration, /* authorizing ticket's expiration */
struct kaentry *caller,
struct kaentry *server,
Date *endP) /* actual end time */
{
Date cExp, sExp;
Date cLife, sLife;
@ -1015,17 +1000,10 @@ GetEndTime(start, reqEnd, expiration, caller, server, endP)
}
static afs_int32
PrepareTicketAnswer(oanswer, challenge, ticket, ticketLen, sessionKey, start,
end, caller, server, cell, label)
ka_BBS *oanswer;
afs_int32 challenge;
char *ticket;
afs_int32 ticketLen;
struct ktc_encryptionKey *sessionKey;
Date start, end;
struct kaentry *caller, *server;
char *cell;
char *label;
PrepareTicketAnswer(ka_BBS *oanswer, afs_int32 challenge, char *ticket,
afs_int32 ticketLen, struct ktc_encryptionKey *sessionKey,
Date start, Date end, struct kaentry *caller,
struct kaentry *server, char *cell, char *label)
{
afs_int32 code;
struct ka_ticketAnswer *answer;
@ -1086,14 +1064,8 @@ PrepareTicketAnswer(oanswer, challenge, ticket, ticketLen, sessionKey, start,
is normally disabled for these two principals. */
static afs_int32
Authenticate(version, call, aname, ainstance, start, end, arequest, oanswer)
int version;
struct rx_call *call;
char *aname;
char *ainstance;
Date start, end;
ka_CBS *arequest;
ka_BBS *oanswer;
Authenticate(int version, struct rx_call *call, char *aname, char *ainstance,
Date start, Date end, ka_CBS *arequest, ka_BBS *oanswer)
{
int code;
struct ubik_trans *tt;
@ -1120,7 +1092,7 @@ Authenticate(version, call, aname, ainstance, start, end, arequest, oanswer)
COUNT_REQ(Authenticate);
if (!name_instance_legal(aname, ainstance))
return KABADNAME;
if (code = InitAuthServ(&tt, LOCKREAD, this_op))
if ((code = InitAuthServ(&tt, LOCKREAD, this_op)))
return code;
get_time(&now, 0, 0);
@ -1150,7 +1122,7 @@ Authenticate(version, call, aname, ainstance, start, end, arequest, oanswer)
save_principal(authPrincipal, aname, ainstance, 0);
/* decrypt request w/ user password */
if (code = des_key_sched(&tentry.key, user_schedule))
if ((code = des_key_sched(&tentry.key, user_schedule)))
es_Report("In KAAuthenticate: key_sched returned %d\n", code);
des_pcbc_encrypt(arequest->SeqBody, &request,
min(arequest->SeqLen, sizeof(request)), user_schedule,
@ -1309,13 +1281,9 @@ Authenticate(version, call, aname, ainstance, start, end, arequest, oanswer)
}
afs_int32
SKAA_Authenticate_old(call, aname, ainstance, start, end, arequest, oanswer)
struct rx_call *call;
char *aname;
char *ainstance;
Date start, end;
ka_CBS *arequest;
ka_BBS *oanswer;
SKAA_Authenticate_old(struct rx_call *call, char *aname, char *ainstance,
Date start, Date end, ka_CBS *arequest,
ka_BBS *oanswer)
{
int code;
@ -1330,13 +1298,8 @@ SKAA_Authenticate_old(call, aname, ainstance, start, end, arequest, oanswer)
}
afs_int32
SKAA_Authenticate(call, aname, ainstance, start, end, arequest, oanswer)
struct rx_call *call;
char *aname;
char *ainstance;
Date start, end;
ka_CBS *arequest;
ka_BBS *oanswer;
SKAA_Authenticate(struct rx_call *call, char *aname, char *ainstance,
Date start, Date end, ka_CBS *arequest, ka_BBS *oanswer)
{
int code;
@ -1350,13 +1313,8 @@ SKAA_Authenticate(call, aname, ainstance, start, end, arequest, oanswer)
}
afs_int32
SKAA_AuthenticateV2(call, aname, ainstance, start, end, arequest, oanswer)
struct rx_call *call;
char *aname;
char *ainstance;
Date start, end;
ka_CBS *arequest;
ka_BBS *oanswer;
SKAA_AuthenticateV2(struct rx_call *call, char *aname, char *ainstance,
Date start, Date end, ka_CBS *arequest, ka_BBS *oanswer)
{
int code;
@ -1370,17 +1328,15 @@ SKAA_AuthenticateV2(call, aname, ainstance, start, end, arequest, oanswer)
}
afs_int32
SKAM_SetFields(call, aname, ainstance, aflags, aexpiration, alifetime,
amaxAssociates, misc_auth_bytes, spare2)
struct rx_call *call;
char *aname;
char *ainstance;
afs_int32 aflags;
Date aexpiration;
afs_int32 alifetime;
afs_int32 amaxAssociates;
afs_uint32 misc_auth_bytes; /* 4 bytes, each 0 means unspecified */
afs_int32 spare2;
SKAM_SetFields(struct rx_call *call,
char *aname,
char *ainstance,
afs_int32 aflags,
Date aexpiration,
afs_int32 alifetime,
afs_int32 amaxAssociates,
afs_uint32 misc_auth_bytes, /* 4 bytes, each 0 means unspecified */
afs_int32 spare2)
{
afs_int32 code;
@ -1394,17 +1350,15 @@ SKAM_SetFields(call, aname, ainstance, aflags, aexpiration, alifetime,
}
afs_int32
kamSetFields(call, aname, ainstance, aflags, aexpiration, alifetime,
amaxAssociates, misc_auth_bytes, spare2)
struct rx_call *call;
char *aname;
char *ainstance;
afs_int32 aflags;
Date aexpiration;
afs_int32 alifetime;
afs_int32 amaxAssociates;
afs_uint32 misc_auth_bytes; /* 4 bytes, each 0 means unspecified */
afs_int32 spare2;
kamSetFields(struct rx_call *call,
char *aname,
char *ainstance,
afs_int32 aflags,
Date aexpiration,
afs_int32 alifetime,
afs_int32 amaxAssociates,
afs_uint32 misc_auth_bytes, /* 4 bytes, each 0 means unspecified */
afs_int32 spare2)
{
afs_int32 code;
Date now;
@ -1426,7 +1380,7 @@ kamSetFields(call, aname, ainstance, aflags, aexpiration, alifetime,
return KABADARGUMENT; /* arguments no good */
if (!name_instance_legal(aname, ainstance))
return KABADNAME;
if (code = InitAuthServ(&tt, LOCKWRITE, this_op))
if ((code = InitAuthServ(&tt, LOCKWRITE, this_op)))
return code;
code = check_auth(call, tt, 1, &caller);
if (code) {
@ -1452,13 +1406,13 @@ kamSetFields(call, aname, ainstance, aflags, aexpiration, alifetime,
delta = -1;
else
delta = 1;
if (code = update_admin_count(tt, delta))
if ((code = update_admin_count(tt, delta)))
goto abort;
}
tentry.flags =
htonl((ntohl(tentry.flags) & ~KAF_SETTABLE_FLAGS) | aflags);
}
if (code = get_time(&now, tt, 1))
if ((code = get_time(&now, tt, 1)))
goto abort;
if (aexpiration) {
tentry.user_expiration = htonl(aexpiration);
@ -1536,10 +1490,7 @@ kamSetFields(call, aname, ainstance, aflags, aexpiration, alifetime,
/* delete a user */
afs_int32
SKAM_DeleteUser(call, aname, ainstance)
struct rx_call *call;
char *aname;
char *ainstance;
SKAM_DeleteUser(struct rx_call *call, char *aname, char *ainstance)
{
afs_int32 code;
@ -1550,10 +1501,7 @@ SKAM_DeleteUser(call, aname, ainstance)
}
afs_int32
kamDeleteUser(call, aname, ainstance)
struct rx_call *call;
char *aname;
char *ainstance;
kamDeleteUser(struct rx_call *call, char *aname, char *ainstance)
{
register int code;
struct ubik_trans *tt;
@ -1566,7 +1514,7 @@ kamDeleteUser(call, aname, ainstance)
COUNT_REQ(DeleteUser);
if (!name_instance_legal(aname, ainstance))
return KABADNAME;
if (code = InitAuthServ(&tt, LOCKWRITE, this_op))
if ((code = InitAuthServ(&tt, LOCKWRITE, this_op)))
return code;
code = check_auth(call, tt, 1, &caller);
if (code) {
@ -1590,11 +1538,11 @@ kamDeleteUser(call, aname, ainstance)
/* track all AuthServer identities */
if (special_name(aname, ainstance))
if (code = ka_DelKey(tt, to, &tentry))
if ((code = ka_DelKey(tt, to, &tentry)))
goto abort;
if (ntohl(tentry.flags) & KAFADMIN) /* keep admin count up-to-date */
if (code = update_admin_count(tt, -1))
if ((code = update_admin_count(tt, -1)))
goto abort;
if ((code = UnthreadBlock(tt, &tentry)) || (code = FreeBlock(tt, to)) || (code = get_time(0, tt, 1)) /* update randomness */
@ -1615,12 +1563,11 @@ kamDeleteUser(call, aname, ainstance)
* will be unlocked.
*/
afs_int32
SKAM_GetEntry(call, aname, ainstance, aversion, aentry)
struct rx_call *call;
char *aname;
char *ainstance;
afs_int32 aversion; /* major version assumed by caller */
kaentryinfo *aentry; /* entry data copied here */
SKAM_GetEntry(struct rx_call *call,
char *aname,
char *ainstance,
afs_int32 aversion, /* major version assumed by caller */
kaentryinfo *aentry) /* entry data copied here */
{
afs_int32 code;
@ -1631,12 +1578,11 @@ SKAM_GetEntry(call, aname, ainstance, aversion, aentry)
}
afs_int32
kamGetEntry(call, aname, ainstance, aversion, aentry)
struct rx_call *call;
char *aname;
char *ainstance;
afs_int32 aversion; /* major version assumed by caller */
kaentryinfo *aentry; /* entry data copied here */
kamGetEntry(struct rx_call *call,
char *aname,
char *ainstance,
afs_int32 aversion, /* major version assumed by caller */
kaentryinfo *aentry) /* entry data copied here */
{
register afs_int32 code;
struct ubik_trans *tt;
@ -1653,7 +1599,7 @@ kamGetEntry(call, aname, ainstance, aversion, aentry)
return KAOLDINTERFACE;
if (!name_instance_legal(aname, ainstance))
return KABADNAME;
if (code = InitAuthServ(&tt, LOCKREAD, this_op))
if ((code = InitAuthServ(&tt, LOCKREAD, this_op)))
return code;
code = check_auth(call, tt, 0, &callerIndex);
if (code) {
@ -1664,7 +1610,7 @@ kamGetEntry(call, aname, ainstance, aversion, aentry)
code = KANOENT;
goto abort;
} else {
if (code = karead(tt, callerIndex, &caller, sizeof(caller))) {
if ((code = karead(tt, callerIndex, &caller, sizeof(caller)))) {
code = KAIO;
goto abort;
}
@ -1743,12 +1689,11 @@ kamGetEntry(call, aname, ainstance, aversion, aentry)
}
afs_int32
SKAM_ListEntry(call, previous_index, index, count, name)
struct rx_call *call;
afs_int32 previous_index; /* last entry ret'd or 0 for first */
afs_int32 *index; /* index of this entry */
afs_int32 *count; /* total entries in database */
kaident *name; /* name & instance of this entry */
SKAM_ListEntry(struct rx_call *call,
afs_int32 previous_index, /* last entry ret'd or 0 for first */
afs_int32 *index, /* index of this entry */
afs_int32 *count, /* total entries in database */
kaident *name) /* name & instance of this entry */
{
afs_int32 code;
@ -1759,12 +1704,11 @@ SKAM_ListEntry(call, previous_index, index, count, name)
afs_int32
kamListEntry(call, previous_index, index, count, name)
struct rx_call *call;
afs_int32 previous_index; /* last entry ret'd or 0 for first */
afs_int32 *index; /* index of this entry */
afs_int32 *count; /* total entries in database */
kaident *name; /* name & instance of this entry */
kamListEntry(struct rx_call *call,
afs_int32 previous_index, /* last entry ret'd or 0 for first */
afs_int32 *index, /* index of this entry */
afs_int32 *count, /* total entries in database */
kaident *name) /* name & instance of this entry */
{
register int code;
struct ubik_trans *tt;
@ -1772,7 +1716,7 @@ kamListEntry(call, previous_index, index, count, name)
struct kaentry tentry;
COUNT_REQ(ListEntry);
if (code = InitAuthServ(&tt, LOCKREAD, this_op))
if ((code = InitAuthServ(&tt, LOCKREAD, this_op)))
return code;
code = check_auth(call, tt, 1, &caller);
if (code) {
@ -1803,17 +1747,15 @@ kamListEntry(call, previous_index, index, count, name)
}
static afs_int32
GetTicket(version, call, kvno, authDomain, aticket, sname, sinstance, atimes,
oanswer)
int version;
struct rx_call *call;
afs_int32 kvno;
char *authDomain;
ka_CBS *aticket;
char *sname;
char *sinstance;
ka_CBS *atimes; /* encrypted start & end time */
ka_BBS *oanswer;
GetTicket(int version,
struct rx_call *call,
afs_int32 kvno,
char *authDomain,
ka_CBS *aticket,
char *sname,
char *sinstance,
ka_CBS *atimes, /* encrypted start & end time */
ka_BBS *oanswer)
{
afs_int32 code;
int import, export;
@ -1844,7 +1786,7 @@ GetTicket(version, call, kvno, authDomain, aticket, sname, sinstance, atimes,
return KABADNAME;
if (atimes->SeqLen != sizeof(times))
return KABADARGUMENT;
if (code = InitAuthServ(&tt, LOCKREAD, this_op))
if ((code = InitAuthServ(&tt, LOCKREAD, this_op)))
return code;
export = import = 0;
@ -1869,7 +1811,7 @@ GetTicket(version, call, kvno, authDomain, aticket, sname, sinstance, atimes,
}
save_principal(tgsPrincipal, name, instance, cell);
if (code = get_time(&now, 0, 0))
if ((code = get_time(&now, 0, 0)))
goto abort;
code = tkt_CheckTimes(start, expiration, now);
@ -2022,16 +1964,14 @@ GetTicket(version, call, kvno, authDomain, aticket, sname, sinstance, atimes,
}
afs_int32
SKAT_GetTicket_old(call, kvno, authDomain, aticket, sname, sinstance, atimes,
oanswer)
struct rx_call *call;
afs_int32 kvno;
char *authDomain;
ka_CBS *aticket;
char *sname;
char *sinstance;
ka_CBS *atimes; /* encrypted start & end time */
ka_BBS *oanswer;
SKAT_GetTicket_old(struct rx_call *call,
afs_int32 kvno,
char *authDomain,
ka_CBS *aticket,
char *sname,
char *sinstance,
ka_CBS *atimes, /* encrypted start & end time */
ka_BBS *oanswer)
{
int code;
@ -2046,16 +1986,14 @@ SKAT_GetTicket_old(call, kvno, authDomain, aticket, sname, sinstance, atimes,
}
afs_int32
SKAT_GetTicket(call, kvno, authDomain, aticket, sname, sinstance, atimes,
oanswer)
struct rx_call *call;
afs_int32 kvno;
char *authDomain;
ka_CBS *aticket;
char *sname;
char *sinstance;
ka_CBS *atimes; /* encrypted start & end time */
ka_BBS *oanswer;
SKAT_GetTicket(struct rx_call *call,
afs_int32 kvno,
char *authDomain,
ka_CBS *aticket,
char *sname,
char *sinstance,
ka_CBS *atimes, /* encrypted start & end time */
ka_BBS *oanswer)
{
int code;
@ -2068,12 +2006,9 @@ SKAT_GetTicket(call, kvno, authDomain, aticket, sname, sinstance, atimes,
}
afs_int32
SKAM_GetStats(call, version, admin_accounts, statics, dynamics)
struct rx_call *call;
afs_int32 version;
afs_int32 *admin_accounts;
kasstats *statics;
kadstats *dynamics;
SKAM_GetStats(struct rx_call *call, afs_int32 version,
afs_int32 *admin_accounts, kasstats *statics,
kadstats *dynamics)
{
afs_int32 code;
@ -2083,12 +2018,9 @@ SKAM_GetStats(call, version, admin_accounts, statics, dynamics)
}
afs_int32
kamGetStats(call, version, admin_accounts, statics, dynamics)
struct rx_call *call;
afs_int32 version;
afs_int32 *admin_accounts;
kasstats *statics;
kadstats *dynamics;
kamGetStats(struct rx_call *call, afs_int32 version,
afs_int32 *admin_accounts, kasstats *statics,
kadstats *dynamics)
{
afs_int32 code;
struct ubik_trans *tt;
@ -2097,7 +2029,7 @@ kamGetStats(call, version, admin_accounts, statics, dynamics)
COUNT_REQ(GetStats);
if (version != KAMAJORVERSION)
return KAOLDINTERFACE;
if (code = InitAuthServ(&tt, LOCKREAD, this_op))
if ((code = InitAuthServ(&tt, LOCKREAD, this_op)))
return code;
code = check_auth(call, tt, 1, &caller);
if (code) {
@ -2160,10 +2092,7 @@ kamGetStats(call, version, admin_accounts, statics, dynamics)
}
afs_int32
SKAM_GetPassword(call, name, password)
struct rx_call *call;
char *name;
EncryptionKey *password;
SKAM_GetPassword(struct rx_call *call, char *name, EncryptionKey *password)
{
afs_int32 code;
@ -2173,10 +2102,7 @@ SKAM_GetPassword(call, name, password)
}
afs_int32
kamGetPassword(call, name, password)
struct rx_call *call;
char *name;
EncryptionKey *password;
kamGetPassword(struct rx_call *call, char *name, EncryptionKey *password)
{
int code = KANOAUTH;
COUNT_REQ(GetPassword);
@ -2224,9 +2150,7 @@ kamGetPassword(call, name, password)
}
afs_int32
SKAM_GetRandomKey(call, key)
struct rx_call *call;
EncryptionKey *key;
SKAM_GetRandomKey(struct rx_call *call, EncryptionKey *key)
{
afs_int32 code;
@ -2236,14 +2160,12 @@ SKAM_GetRandomKey(call, key)
}
afs_int32
kamGetRandomKey(call, key)
struct rx_call *call;
EncryptionKey *key;
kamGetRandomKey(struct rx_call *call, EncryptionKey *key)
{
int code;
COUNT_REQ(GetRandomKey);
if (code = AwaitInitialization())
if ((code = AwaitInitialization()))
return code;
code = des_random_key(key);
if (code)
@ -2252,11 +2174,10 @@ kamGetRandomKey(call, key)
}
afs_int32
SKAM_Debug(call, version, checkDB, info)
struct rx_call *call;
afs_int32 version;
int checkDB; /* start a transaction to examine DB */
struct ka_debugInfo *info;
SKAM_Debug(struct rx_call *call,
afs_int32 version,
int checkDB, /* start a transaction to examine DB */
struct ka_debugInfo *info)
{
afs_int32 code;
@ -2266,11 +2187,10 @@ SKAM_Debug(call, version, checkDB, info)
}
afs_int32
kamDebug(call, version, checkDB, info)
struct rx_call *call;
afs_int32 version;
int checkDB; /* start a transaction to examine DB */
struct ka_debugInfo *info;
kamDebug(struct rx_call *call,
afs_int32 version,
int checkDB, /* start a transaction to examine DB */
struct ka_debugInfo *info)
{
/* COUNT_REQ (Debug); */
if (sizeof(struct kaentry) != sizeof(struct kaOldKeys))
@ -2330,13 +2250,15 @@ kamDebug(call, version, checkDB, info)
* a tacked-on-the-side data file.
* prob'ly ought to check the noauth flag.
*/
#define ABORTIF(A) {if(code= A){goto abort;}}
#define ABORTIF(A) {if((code = A)){goto abort;}}
afs_int32
SKAM_Unlock(call, aname, ainstance, spare1, spare2, spare3, spare4)
struct rx_call *call;
char *aname;
char *ainstance;
afs_int32 spare1, spare2, spare3, spare4;
SKAM_Unlock(struct rx_call *call,
char *aname,
char *ainstance,
afs_int32 spare1,
afs_int32 spare2,
afs_int32 spare3,
afs_int32 spare4)
{
register int code;
struct ubik_trans *tt;
@ -2349,7 +2271,7 @@ SKAM_Unlock(call, aname, ainstance, spare1, spare2, spare3, spare4)
code = KABADNAME;
goto exit;
}
if (code = InitAuthServ(&tt, LOCKREAD, this_op))
if ((code = InitAuthServ(&tt, LOCKREAD, this_op)))
goto exit;
ABORTIF(check_auth(call, tt, 1, &caller));
@ -2374,13 +2296,14 @@ SKAM_Unlock(call, aname, ainstance, spare1, spare2, spare3, spare4)
}
afs_int32
SKAM_LockStatus(call, aname, ainstance, lockeduntil, spare1, spare2, spare3,
spare4)
struct rx_call *call;
char *aname;
char *ainstance;
afs_int32 *lockeduntil;
afs_int32 spare1, spare2, spare3, spare4;
SKAM_LockStatus(struct rx_call *call,
char *aname,
char *ainstance,
afs_int32 *lockeduntil,
afs_int32 spare1,
afs_int32 spare2,
afs_int32 spare3,
afs_int32 spare4)
{
register int code;
struct ubik_trans *tt;
@ -2396,10 +2319,10 @@ SKAM_LockStatus(call, aname, ainstance, lockeduntil, spare1, spare2, spare3,
code = KABADNAME;
goto exit;
}
if (code = InitAuthServ(&tt, LOCKREAD, this_op))
if ((code = InitAuthServ(&tt, LOCKREAD, this_op)))
goto exit;
if (code = check_auth(call, tt, 0, &callerIndex))
if ((code = check_auth(call, tt, 0, &callerIndex)))
goto abort;
if (!noAuthenticationRequired && callerIndex) {
@ -2415,7 +2338,7 @@ SKAM_LockStatus(call, aname, ainstance, lockeduntil, spare1, spare2, spare3,
}
}
if (code = FindBlock(tt, aname, ainstance, &to, &tentry))
if ((code = FindBlock(tt, aname, ainstance, &to, &tentry)))
goto abort;
if (to == 0) {


@ -167,4 +167,5 @@ extern int kaux_islocked(afs_int32 to, u_int attempts, u_int locktime);
extern afs_int32 krb4_cross;
extern afs_int32 es_Report(char *fmt, ...);
#define LOCKPW


@ -0,0 +1,28 @@
/* kadatabase.c */
extern void init_kadatabase(int initFlags);
extern afs_int32 ka_LookupKey(struct ubik_trans *tt,
char *name, char *inst,
afs_int32 *kvno,
struct ktc_encryptionKey *key);
extern afs_int32 FindBlock(struct ubik_trans *at, char *aname,
char *ainstance, afs_int32 *toP,
struct kaentry *tentry);
extern afs_int32 ThreadBlock(struct ubik_trans *at, afs_int32 index,
struct kaentry *tentry);
extern afs_int32 ka_FillKeyCache(struct ubik_trans *tt);
extern afs_int32 CheckInit(struct ubik_trans *at,
int (*db_init) (struct ubik_trans *));
extern afs_int32 AllocBlock(struct ubik_trans *at, struct kaentry *tentry);
extern afs_int32 ka_NewKey(struct ubik_trans *tt, afs_int32 tentryaddr,
struct kaentry *tentry,
struct ktc_encryptionKey *key);
extern int name_instance_legal(char *name, char *instance);
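Review bot: The new prototype header names `struct ubik_trans`, `struct kaentry` and `struct ktc_encryptionKey` only inside parameter lists (ka_LookupKey, FindBlock, ThreadBlock, CheckInit, AllocBlock, ka_NewKey), so it is correct only when the including file has already declared those tags. Otherwise each tag gets prototype scope and the declaration no longer refers to the same type as the definition. Forward declarations ahead of the first prototype, `struct ubik_trans;` `struct kaentry;` `struct ktc_encryptionKey;`, would make the header independent of include order. No include guard appears in the lines shown either; one around the whole file would make double inclusion harmless.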


@ -49,14 +49,14 @@ ka_PrintUserID(char *prefix, /* part to be output before userID */
if (isalnum(*c) || (ispunct(*c) && (*c != '.') && (*c != '@')))
printf("%c", *c);
else
printf("\\%0.3o", *c);
printf("\\%.3o", *c);
if (instance && strlen(instance)) {
printf(".");
for (c = (unsigned char *)instance; *c; c++)
if (isalnum(*c) || (ispunct(*c) && (*c != '@')))
printf("%c", *c);
else
printf("\\%0.3o", *c);
printf("\\%.3o", *c);
}
printf("%s", postfix);
}
@ -68,7 +68,7 @@ ka_PrintBytes(char bs[], int bl)
for (i = 0; i < bl; i++) {
unsigned char c = bs[i];
printf("\\%0.3o", c);
printf("\\%.3o", c);
}
}
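Review bot: The escaping in ka_PrintUserID is ambiguous for a backslash: `\` satisfies `ispunct()` and is excluded in neither loop, so it is printed raw, and a name holding a literal backslash followed by three octal digits reads the same as an escaped byte. The `%.3o` change corrects the format flag but leaves this as it was. Excluding the escape character too, `(ispunct(*c) && (*c != '.') && (*c != '@') && (*c != '\\'))` in the name loop and the matching test in the instance loop, makes the printed form unambiguous. A short comment above the loops, `/* bytes outside the allowed set, and '\\' itself, are written as \ooo */`, would record the intended encoding. ka_PrintUserID starts above the hunk, so this rests on the lines shown.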


@ -27,7 +27,7 @@ RCSID
#ifdef AUTH_DBM_LOG
char *dbmfile;
const char *dbmfile;
static int
cmdproc(register struct cmd_syndesc *as, void * arock)
@ -35,7 +35,7 @@ cmdproc(register struct cmd_syndesc *as, void * arock)
DBM *kdb;
datum key, data;
kalog_elt rdata;
register afs_int32 code = 0, cnt = 0;
afs_int32 cnt = 0;
register struct cmd_item *ti;
if (as->parms[0].items) {
@ -64,16 +64,18 @@ cmdproc(register struct cmd_syndesc *as, void * arock)
if (! as->parms[3].items) {
char *hostName;
hostName = hostutil_GetNameByINet(rdata.host);
printf("%s: last operation from host %s at %s", key.dptr,
hostName, ctime(&rdata.last_use));
printf("%s: last operation from host %s at %s",
(char *)key.dptr, hostName,
ctime(&rdata.last_use));
} else {
char *hostIP;
hostIP = afs_inet_ntoa(rdata.host);
printf("%s: last operation from host %s at %s", key.dptr,
hostIP, ctime(&rdata.last_use));
printf("%s: last operation from host %s at %s",
(char *)key.dptr, hostIP,
ctime(&rdata.last_use));
}
} else {
printf("\t%s\n", key.dptr);
printf("\t%s\n", (char *)key.dptr);
}
}
printf("%d entries were found\n", cnt);
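Review bot: `key.dptr` is passed to `%s` in all three printf calls in cmdproc, but a DBM `datum` carries its length in `dsize` and is not required to be NUL-terminated. The added `(char *)` casts quiet the format warning without bounding the read. Unless the code that writes the log always stores the terminator (not visible on this page), these calls can read past the end of the key. `printf("\t%.*s\n", (int)key.dsize, (char *)key.dptr);` and the same `%.*s` form in the two host lines keep the output within the stored length. cmdproc begins and ends outside the hunks.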


@ -77,7 +77,9 @@ int CommandProc(struct cmd_syndesc *, void *);
static int zero_argc;
static char **zero_argv;
extern int init_child(), give_to_child(), terminate_child();
extern int init_child(char *myname);
extern int give_to_child(char *pw);
extern int terminate_child(char *pw);
#ifdef AFS_NT40_ENV
struct passwd {
@ -87,10 +89,8 @@ char userName[128];
DWORD userNameLen;
#endif
main(argc, argv, envp)
int argc;
char *argv[];
char **envp;
int
main(int argc, char *argv[], char **envp)
{
struct cmd_syndesc *ts;
afs_int32 code;
@ -140,9 +140,7 @@ main(argc, argv, envp)
static void
getpipepass(gpbuf, len)
char *gpbuf;
int len;
getpipepass(char *gpbuf, int len)
{
/* read a password from stdin, stop on \n or eof */
register int i, tc;
@ -157,11 +155,7 @@ getpipepass(gpbuf, len)
}
static afs_int32
read_pass(passwd, len, prompt, verify)
char *passwd;
int len;
char *prompt;
int verify;
read_pass(char *passwd, int len, char *prompt, int verify)
{
afs_int32 code;
code = read_pw_string(passwd, len, prompt, verify);
@ -173,9 +167,7 @@ read_pass(passwd, len, prompt, verify)
}
static int
password_ok(newpw, insist)
char *newpw;
int *insist;
password_ok(char *newpw, int *insist)
{
if (insist == 0) {
/* see if it is reasonable, but don't get so obnoxious */
@ -192,7 +184,7 @@ static int Pipe = 0; /* reading from a pipe */
#if TIMEOUT
int
timedout()
timedout(void)
{
if (!Pipe)
fprintf(stderr, "%s: timed out\n", rn);
@ -201,6 +193,8 @@ timedout()
#endif
char passwd[BUFSIZ], npasswd[BUFSIZ], verify[BUFSIZ];
int
CommandProc(struct cmd_syndesc *as, void *arock)
{
char name[MAXKTCNAMELEN] = "";
@ -382,7 +376,7 @@ CommandProc(struct cmd_syndesc *as, void *arock)
strcpy(realm, lcell);
#endif /* freelance */
if (code = ka_CellToRealm(realm, realm, &local)) {
if ((code = ka_CellToRealm(realm, realm, &local))) {
if (!Pipe)
afs_com_err(rn, code, "Can't convert cell to realm");
exit(1);
@ -445,7 +439,7 @@ CommandProc(struct cmd_syndesc *as, void *arock)
memset(verify, 0, sizeof(verify));
}
}
if (code = password_bad(npasswd)) { /* assmt here! */
if ((code = password_bad(npasswd))) { /* assmt here! */
goto no_change_no_msg;
}
#if TRUNCATEPASSWORD
@ -554,7 +548,7 @@ CommandProc(struct cmd_syndesc *as, void *arock)
conn = 0;
}
rx_Finalize();
terminate_child();
terminate_child(NULL);
exit(code);
no_change: /* yuck, yuck, yuck */
@ -565,6 +559,6 @@ CommandProc(struct cmd_syndesc *as, void *arock)
memset(npasswd, 0, sizeof(npasswd));
printf("Password for '%s' in cell '%s' unchanged.\n\n", pw->pw_name,
cell);
terminate_child();
terminate_child(NULL);
exit(code ? code : 1);
}
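Review bot: The prototypes added for `init_child`, `give_to_child` and `terminate_child` are written out in this file rather than coming from a header that the defining file also includes, so the compiler still cannot check them against the definitions. Both call sites now pass `terminate_child(NULL)`, which suggests the `char *pw` parameter exists only to match a definition that does not use it (inferred; the definition is not on this page). I would move the three declarations into a shared header. If the parameter is indeed unused, a comment at the declaration would help, `/* pw is unused; callers pass NULL */`. CommandProc starts and ends outside the hunks shown.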


@ -43,12 +43,12 @@ char *whoami = "kadb_check";
int fd;
FILE *out;
void badEntry();
void badEntry(afs_int32, afs_int32);
int listuheader, listkheader, listentries, verbose;
int
readUbikHeader()
readUbikHeader(void)
{
int offset, r;
struct ubik_hdr uheader;
@ -62,7 +62,7 @@ readUbikHeader()
/* now read the info */
r = read(fd, &uheader, sizeof(uheader));
if (r != sizeof(uheader)) {
printf("error: read of %d bytes failed: %d %d\n", sizeof(uheader), r,
printf("error: read of %lu bytes failed: %d %d\n", sizeof(uheader), r,
errno);
return (-1);
}
@ -91,8 +91,7 @@ readUbikHeader()
}
void
PrintHeader(header)
struct kaheader *header;
PrintHeader(struct kaheader *header)
{
printf("Version = %d\n", header->version);
printf("HeaderSize = %d\n", header->headerSize);
@ -110,9 +109,7 @@ PrintHeader(header)
}
void
PrintEntry(index, entry)
afs_int32 index;
struct kaentry *entry;
PrintEntry(afs_int32 index, struct kaentry *entry)
{
int i;
char Time[100];
@ -234,8 +231,7 @@ ntohEntry(struct kaentry *entryp)
char principal[64];
char *
EntryName(entryp)
struct kaentry *entryp;
EntryName(struct kaentry *entryp)
{
char name[32], inst[32];
@ -254,8 +250,7 @@ EntryName(entryp)
}
void
RebuildEntry(entryp)
struct kaentry *entryp;
RebuildEntry(struct kaentry *entryp)
{
char key[33];
char flags[128];
@ -305,8 +300,8 @@ RebuildEntry(entryp)
ntohl(entryp->key_version));
}
CheckHeader(header)
struct kaheader *header;
int
CheckHeader(struct kaheader *header)
{
afs_int32 i, code = 0;
@ -362,8 +357,7 @@ CheckHeader(header)
}
afs_int32
NameHash(entryp)
struct kaentry *entryp;
NameHash(struct kaentry *entryp)
{
unsigned int hash;
int i;
@ -379,10 +373,8 @@ NameHash(entryp)
return (hash % HASHSIZE);
}
readDB(offset, buffer, size)
afs_int32 offset;
char *buffer;
afs_int32 size;
int
readDB(afs_int32 offset, void *buffer, afs_int32 size)
{
afs_int32 code;
@ -610,8 +602,7 @@ WorkerBee(struct cmd_syndesc *as, void *arock)
}
void
badEntry(e, i)
afs_int32 e, i;
badEntry(afs_int32 e, afs_int32 i)
{
int offset;
struct kaentry entry;
@ -643,9 +634,8 @@ badEntry(e, i)
fprintf(stderr, " ]\n");
}
main(argc, argv)
int argc;
char *argv[];
int
main(int argc, char **argv)
{
struct cmd_syndesc *ts;
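Review bot: In readUbikHeader the new `%lu` conversion is paired with `sizeof(uheader)`, which is a `size_t`. That matches only where `size_t` is `unsigned long` and is undefined behaviour in printf elsewhere (64-bit Windows, for example). Either cast the argument, `printf("error: read of %lu bytes failed: %d %d\n", (unsigned long)sizeof(uheader), r,`, or use `%zu` where every supported compiler accepts it. The test `r != sizeof(uheader)` just above relies on `r` being converted to unsigned; it does catch `-1`, but an explicit `r < 0` check would read more clearly. readUbikHeader continues outside the hunk.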


@ -50,11 +50,14 @@ RCSID
#include <afs/auth.h>
#include <afs/ptint.h>
#include <afs/pterror.h>
#include <afs/ptuser.h>
#include <afs/ptserver.h>
#include <afs/afsutil.h>
#include <rx/rx.h>
#include <rx/rx_globals.h>
#include <rx/rxkad.h> /* max ticket lifetime */
#include <des.h>
#include <des_prototypes.h>
#include "kauth.h"
#include "kautils.h"
#endif /* defined(UKERNEL) */
@ -66,7 +69,6 @@ GetTickets(char *name, char *instance, char *realm,
afs_int32 * pwexpires, afs_int32 flags)
{
afs_int32 code;
struct ktc_token token;
code = ka_GetAuthToken(name, instance, realm, key, lifetime, pwexpires);
memset(key, 0, sizeof(*key));
@ -147,13 +149,17 @@ ka_GetAFSTicket(char *name, char *instance, char *realm, Date lifetime,
#endif
afs_int32
ka_UserAuthenticateGeneral(afs_int32 flags, char *name, char *instance, char *realm, char *password, Date lifetime, afs_int32 * password_expires, /* days 'til, or don't change if not set */
ka_UserAuthenticateGeneral(afs_int32 flags, char *name, char *instance,
char *realm, char *password, Date lifetime,
afs_int32 * password_expires, /* days 'til, or don't change if not set */
afs_int32 spare2, char **reasonP)
{
int remainingTime = 0;
struct ktc_encryptionKey key;
afs_int32 code, dosetpag = 0;
int (*old) ();
#if !defined(AFS_NT40_ENV) && !defined(AFS_LINUX20_ENV) && !defined(AFS_USR_LINUX20_ENV) && !defined(AFS_XBSD_ENV)
sig_t old;
#endif
if (reasonP)
*reasonP = "";