jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-31 13:38:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Windows: afslogon do not specify smbName for tokens

Browse Source 
The smbName was added to the Windows ktc_SetTokens() interface
to provide a mechanism for passing the Windows account name
that the tokens should be associated with via Integrated Logon.
This was only required when the Authentication Provider did not
impersonate the user context prior to calling ktc_SetTokens().
Now that impersonation is used, the ktc_SetTokens() call will
do the right thing without the smbName.  In fact, when impersonation
is used setting the smbName does the wrong thing by specifying
the AFS_PIOCTL_LOGON flag which is only valid if the SYSTEM account
is issuing the ktc_SetToken() call.

Change-Id: I6d04b56b815571f6e9fe3557544bd93a5b9ca735
Reviewed-on: http://gerrit.openafs.org/8490
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
This commit is contained in:
Jeffrey Altman 2012-11-21 18:03:10 -05:00
parent eca3d56436
commit 305133cde6
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/WINNT/afsd/afslogon.c
View File

@ -1071,7 +1071,7 @@ ObtainTokens( PLUID lpLogonId,
p = principal + tlen;
*p++ = '@';
StringCchCopy(p, len - tlen -1, pOpt->realm ? pOpt->realm : realm);
code = KFW_AFS_get_cred(principal, cell, password, 0, pOpt->smbName, preason);
code = KFW_AFS_get_cred(principal, cell, password, 0, NULL, preason);
DebugEvent("KFW_AFS_get_cred uname=[%s] smbname=[%s] cell=[%s] code=[%d]",
principal, pOpt->smbName, cell, code);
@ -1080,7 +1080,7 @@ ObtainTokens( PLUID lpLogonId,
while ( *p ) {
if ( cm_stricmp_utf8(p, cell) ) {
SetEnvironmentVariable(DO_NOT_REGISTER_VARNAME, "");
code2 = KFW_AFS_get_cred(principal, p, password, 0, pOpt->smbName, preason);
code2 = KFW_AFS_get_cred(principal, p, password, 0, NULL, preason);
SetEnvironmentVariable(DO_NOT_REGISTER_VARNAME, NULL);
DebugEvent("KFW_AFS_get_cred uname=[%s] smbname=[%s] cell=[%s] code=[%d]",
principal, pOpt->smbName, p, code2);
@ -1095,7 +1095,7 @@ ObtainTokens( PLUID lpLogonId,
} else {
code = ka_UserAuthenticateGeneral2(KA_USERAUTH_VERSION+KA_USERAUTH_AUTHENT_LOGON,
uname, "", cell, password, pOpt->smbName, 0, &pw_exp, 0,
uname, "", cell, password, NULL, 0, &pw_exp, 0,
preason);
DebugEvent("AFS AfsLogon - (INTEGRATED only)ka_UserAuthenticateGeneral2 Code[%x] uname[%s] smbname=[%s] Cell[%s] PwExp=[%d] Reason=[%s]",
code, uname, pOpt->smbName, cell, pw_exp, *preason ? *preason : "");