jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-31 13:38:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

STABLE14-windows-afscreds-20050814

Browse Source 
When tokens expire, do not display an obtain tokens dialog if there
is no network connectivity to the kdc for the realm associated with
the cell.

In the en_US build, stop displaying the expiration time of tokens
after the tokens expire.


(cherry picked from commit 7c34c9b5c0fbdf0b9b9429c2e763c635857974ab)
This commit is contained in:
Jeffrey Altman 2005-08-14 12:27:40 +00:00
parent 0e6c760490
commit 372cd0a653
6 changed files with 93 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
doc/txt/winnotes/afs-changes-since-1.2.txt
View File

@ -1,3 +1,15 @@
Since 1.3.87:
* afscreds.exe would display an Obtain Creds dialog when
the expired credentials reminder was triggered even
if there was no network path to the KDC. This is prevented
by adding KDC probe logic to the reminder thread.
* afscreds.exe would display expired tokens no differently
than unexpired ones. This would make it difficult for the
user to distiguish when the tokens were expired. For the
English build added a new resource string "(expired) that
is displayed instead of the expiration time.
Since 1.3.86:
* "fs wscell" when executed in freelance mode will return the
name of the cell configured in the registry. The root.afs

27
src/WINNT/client_creds/credstab.cpp
View File

@ -162,7 +162,24 @@ void Creds_OnUpdate (HWND hDlg)
SYSTEMTIME stGMT;
FileTimeToSystemTime (&ftGMT, &stGMT);
LPTSTR pszCreds = FormatString (IDS_CREDS, TEXT("%s%t"), g.aCreds[ iCreds ].szUser, &stGMT);
SYSTEMTIME stNow;
GetLocalTime (&stNow);
FILETIME ftNow;
SystemTimeToFileTime (&stNow, &ftNow);
LONGLONG llNow = (((LONGLONG)ftNow.dwHighDateTime) << 32) + (LONGLONG)(ftNow.dwLowDateTime);
LONGLONG llExpires = (((LONGLONG)ftLocal.dwHighDateTime) << 32) + (LONGLONG)(ftLocal.dwLowDateTime);
llNow /= c100ns1SECOND;
llExpires /= c100ns1SECOND;
LPTSTR pszCreds = NULL;
if (llExpires <= (llNow + (LONGLONG)cminREMIND_WARN * csec1MINUTE))
pszCreds = FormatString (IDS_CREDS_EXPIRED, TEXT("%s"), g.aCreds[ iCreds ].szUser);
if (!pszCreds || !pszCreds[0])
pszCreds = FormatString (IDS_CREDS, TEXT("%s%t"), g.aCreds[ iCreds ].szUser, &stGMT);
SetDlgItemText (hDlg, IDC_CREDS_INFO, pszCreds);
FreeString (pszCreds);
}
@ -228,10 +245,10 @@ void ShowObtainCreds (BOOL fExpiring, LPTSTR pszCell)
oc, 0, &threadID);
if (thread != NULL)
CloseHandle(thread);
else {
free(oc->cell);
free(oc);
}
else {
free(oc->cell);
free(oc);
}
}

8
src/WINNT/client_creds/ipaddrchg.c
View File

@ -295,10 +295,12 @@ ObtainTokensFromUserIfNeeded(HWND hWnd)
}
rootcell = (char *)GlobalAlloc(GPTR,MAXCELLCHARS+1);
if ( !rootcell ) goto cleanup;
if (!rootcell)
goto cleanup;
code = KFW_AFS_get_cellconfig(cell, (void*)&cellconfig, rootcell);
if ( code ) goto cleanup;
if (code)
goto cleanup;
memset(&aserver, '\0', sizeof(aserver));
strcpy(aserver.name, "afs");
@ -330,7 +332,7 @@ ObtainTokensFromUserIfNeeded(HWND hWnd)
#ifdef USE_FSPROBE
serverReachable = cellPing(NULL);
#else
if ( use_kfw ) {
if (use_kfw) {
// If we can't use the FSProbe interface we can attempt to forge
// a kinit and if we can back an invalid user error we know the
// kdc is at least reachable

1
src/WINNT/client_creds/lang/en_US/afscreds.rc
View File

@ -558,6 +558,7 @@ BEGIN
IDS_BADSUB_TITLE_95 "Error - AFS Light"
IDS_BADSUB_DESC "The drive letter description you entered cannot be used.\n\nA drive letter description may have no more than 12 characters, and may not contain spaces or tabs."
IDS_TITLE_95 "AFS Light"
IDS_CREDS_EXPIRED "%1 (expired)"
END
#endif // English (U.S.) resources
/////////////////////////////////////////////////////////////////////////////

1
src/WINNT/client_creds/resource.h
View File

@ -58,6 +58,7 @@
#define IDS_BADSUB_TITLE_95 48
#define IDS_BADSUB_DESC 49
#define IDS_TITLE_95 50
#define IDS_CREDS_EXPIRED 51
#define IDI_MAIN 100
#define IDD_MAIN 101

59
src/WINNT/client_creds/window.cpp
View File

@ -376,13 +376,58 @@ void Main_OnRemindTimer (void)
// dialog. Make sure we never display a warning more than once.
//
size_t iExpired;
if ((iExpired = Main_FindExpiredCreds()) != -1)
{
if (InterlockedIncrement (&g.fShowingMessage) != 1)
InterlockedDecrement (&g.fShowingMessage);
else
ShowObtainCreds (TRUE, g.aCreds[ iExpired ].szCell);
}
if ((iExpired = Main_FindExpiredCreds()) != -1) {
if (InterlockedIncrement (&g.fShowingMessage) != 1) {
InterlockedDecrement (&g.fShowingMessage);
} else {
char * rootcell = NULL;
char password[PROBE_PASSWORD_LEN+1];
struct afsconf_cell cellconfig;
BOOL serverReachable = FALSE;
DWORD code;
rootcell = (char *)GlobalAlloc(GPTR,MAXCELLCHARS+1);
if (!rootcell)
goto cleanup;
code = KFW_AFS_get_cellconfig(g.aCreds[ iExpired ].szCell,
(afsconf_cell*)&cellconfig, rootcell);
if (code)
goto cleanup;
if (KFW_is_available()) {
// If we can't use the FSProbe interface we can attempt to forge
// a kinit and if we can back an invalid user error we know the
// kdc is at least reachable
serverReachable = KFW_probe_kdc(&cellconfig);
} else {
int i;
for ( i=0 ; i<PROBE_PASSWORD_LEN ; i++ )
password[i] = 'x';
code = ObtainNewCredentials(rootcell, PROBE_USERNAME, password, TRUE);
switch ( code ) {
case INTK_BADPW:
case KERB_ERR_PRINCIPAL_UNKNOWN:
case KERB_ERR_SERVICE_EXP:
case RD_AP_TIME:
serverReachable = TRUE;
break;
default:
serverReachable = FALSE;
}
}
cleanup:
if (rootcell)
GlobalFree(rootcell);
if (serverReachable)
ShowObtainCreds (TRUE, g.aCreds[ iExpired ].szCell);
else
InterlockedDecrement (&g.fShowingMessage);
}
}
}