afslogon-20040318

Fix memory deallocation errors (never call free() on memory allocated
by GlobalAlloc() or LocalAlloc())

Modify event logging to be consistent between High and Low Security

Only generate a random user name when using High Security.  Use the normal
user name when running with Low security.
Jeffrey Altman 2004-03-19 03:52:07 +00:00 committed by Jeffrey Altman
parent e8fc0557d3
commit 48913f747f


@ -138,7 +138,7 @@ WCHAR *GetLogonScript(CHAR *pname)
return NULL;
}
buf=(WCHAR *)LocalAlloc(LMEM_FIXED, LSPsize);
buf=(WCHAR *)LocalAlloc(LMEM_FIXED,LSPsize);
script=(WCHAR *)LocalAlloc(LMEM_FIXED,LSPsize+(MAXRANDOMNAMELEN)*sizeof(WCHAR));
/*
* Explicitly call UNICODE version
@ -148,10 +148,10 @@ WCHAR *GetLogonScript(CHAR *pname)
&LSPtype, (LPBYTE)buf, &LSPsize);
MultiByteToWideChar(CP_ACP,0,pname,strlen(pname)+1,randomName,(strlen(pname)+1)*sizeof(WCHAR));
swprintf(script,buf,randomName);
free(buf);
LocalFree(buf);
#ifdef DEBUG_VERBOSE
{
{
HANDLE h; char *ptbuf[1],buf[132],tbuf[255];
WideCharToMultiByte(CP_ACP,0,script,LSPsize,tbuf,255,NULL,NULL);
h = RegisterEventSource(NULL, AFS_DAEMON_EVENT_NAME);
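Review bot: The context lines around the `LocalFree(buf)` fix still pass a byte count, `(strlen(pname)+1)*sizeof(WCHAR)`, as the last argument of `MultiByteToWideChar`, which takes the destination capacity in WCHARs, and `script` is allocated with room for only MAXRANDOMNAMELEN name characters. That mattered less while the only caller passed a generated random name, but this commit also calls `GetLogonScript(uname)` for low security, so a long logon name can now reach the conversion and the `swprintf(script,buf,randomName)` after it. The declaration of `randomName` lies outside the hunk (the function begins and ends outside it), so its size is inferred; if it is a MAXRANDOMNAMELEN array, both writes can run past their buffers. I would pass the real capacity, e.g. `MultiByteToWideChar(CP_ACP,0,pname,-1,randomName,MAXRANDOMNAMELEN)`, return NULL when the call yields 0, and check both `LocalAlloc` results before use.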
@ -159,7 +159,7 @@ WCHAR *GetLogonScript(CHAR *pname)
ptbuf[0] = buf;
ReportEvent(h, EVENTLOG_INFORMATION_TYPE, 0, 0, NULL, 1, 0, ptbuf, NULL);
DeregisterEventSource(h);
}
}
#endif
RegCloseKey (NPKey);
@ -193,7 +193,7 @@ BOOLEAN AFSWillAutoStart(void)
goto close_svc;
/* Allocate buffer */
pConfig = (LPQUERY_SERVICE_CONFIG)GlobalAlloc(GMEM_FIXED, BufSize);
pConfig = (LPQUERY_SERVICE_CONFIG)GlobalAlloc(GMEM_FIXED,BufSize);
if (!pConfig)
goto close_svc;
@ -263,52 +263,52 @@ DWORD APIENTRY NPGetCaps(DWORD index)
static void GetLoginBehavior(int *pRetryInterval, BOOLEAN *pFailSilently)
{
long result;
HKEY hKey;
DWORD dummyLen;
long result;
HKEY hKey;
DWORD dummyLen;
result = RegOpenKeyEx(HKEY_LOCAL_MACHINE, REG_CLIENT_PARMS_KEY, 0, KEY_QUERY_VALUE, &hKey);
if (result != ERROR_SUCCESS) {
*pRetryInterval = DEFAULT_RETRY_INTERVAL;
*pFailSilently = DEFAULT_FAIL_SILENTLY;
return;
}
if (result != ERROR_SUCCESS) {
*pRetryInterval = DEFAULT_RETRY_INTERVAL;
*pFailSilently = DEFAULT_FAIL_SILENTLY;
return;
}
result = RegQueryValueEx(hKey, REG_CLIENT_RETRY_INTERVAL_PARM, 0, 0, (BYTE *)pRetryInterval, &dummyLen);
if (result != ERROR_SUCCESS)
*pRetryInterval = DEFAULT_RETRY_INTERVAL;
result = RegQueryValueEx(hKey, REG_CLIENT_RETRY_INTERVAL_PARM, 0, 0, (BYTE *)pRetryInterval, &dummyLen);
if (result != ERROR_SUCCESS)
*pRetryInterval = DEFAULT_RETRY_INTERVAL;
result = RegQueryValueEx(hKey, REG_CLIENT_FAIL_SILENTLY_PARM, 0, 0, (BYTE *)pFailSilently, &dummyLen);
if (result != ERROR_SUCCESS)
*pFailSilently = DEFAULT_FAIL_SILENTLY;
result = RegQueryValueEx(hKey, REG_CLIENT_FAIL_SILENTLY_PARM, 0, 0, (BYTE *)pFailSilently, &dummyLen);
if (result != ERROR_SUCCESS)
*pFailSilently = DEFAULT_FAIL_SILENTLY;
/* Make sure this is really a bool value in the strict sense*/
*pFailSilently = !!*pFailSilently;
RegCloseKey(hKey);
}
/* Make sure this is really a bool value in the strict sense*/
*pFailSilently = !!*pFailSilently;
RegCloseKey(hKey);
}
BOOL IsServiceRunning (void)
{
SERVICE_STATUS Status;
SC_HANDLE hManager;
memset (&Status, 0x00, sizeof(Status));
Status.dwCurrentState = SERVICE_STOPPED;
SERVICE_STATUS Status;
SC_HANDLE hManager;
memset (&Status, 0x00, sizeof(Status));
Status.dwCurrentState = SERVICE_STOPPED;
if ((hManager = OpenSCManager (NULL, NULL, GENERIC_READ)) != NULL)
{
SC_HANDLE hService;
if ((hService = OpenService (hManager, TEXT("TransarcAFSDaemon"), GENERIC_READ)) != NULL)
{
if ((hManager = OpenSCManager (NULL, NULL, GENERIC_READ)) != NULL)
{
SC_HANDLE hService;
if ((hService = OpenService (hManager, TEXT("TransarcAFSDaemon"), GENERIC_READ)) != NULL)
{
QueryServiceStatus (hService, &Status);
CloseServiceHandle (hService);
}
}
CloseServiceHandle (hManager);
}
DebugEvent("AFS AfsLogon - Test Service Running","Return Code[%x] ?Running[%d]",Status.dwCurrentState,(Status.dwCurrentState == SERVICE_RUNNING));
return (Status.dwCurrentState == SERVICE_RUNNING);
}
CloseServiceHandle (hManager);
}
DebugEvent("AFS AfsLogon - Test Service Running","Return Code[%x] ?Running[%d]",Status.dwCurrentState,(Status.dwCurrentState == SERVICE_RUNNING));
return (Status.dwCurrentState == SERVICE_RUNNING);
}
DWORD APIENTRY NPLogonNotify(
PLUID lpLogonId,
@ -350,31 +350,32 @@ DWORD APIENTRY NPLogonNotify(
wcstombs(password, IL->Password.Buffer, 256);
/* Make sure AD-DOMANS sent from login that is sent to us is striped */
ctemp = strchr(uname, '@');
if (ctemp) *ctemp = 0;
ctemp = strchr(uname, '@');
if (ctemp) *ctemp = 0;
(void) RegOpenKeyEx(HKEY_LOCAL_MACHINE, REG_CLIENT_PARMS_KEY,
0, KEY_QUERY_VALUE, &NPKey);
0, KEY_QUERY_VALUE, &NPKey);
LSPsize=sizeof(TraceOption);
RegQueryValueEx(NPKey, "TraceOption", NULL,
&LSPtype, (LPBYTE)&TraceOption, &LSPsize);
RegCloseKey (NPKey);
&LSPtype, (LPBYTE)&TraceOption, &LSPsize);
RegCloseKey (NPKey);
/*
* Get Logon OPTIONS
*/
(void) RegOpenKeyEx(HKEY_LOCAL_MACHINE, REG_CLIENT_PROVIDER_KEY,
0, KEY_QUERY_VALUE, &NPKey);
0, KEY_QUERY_VALUE, &NPKey);
LSPsize=sizeof(LogonOption);
code = RegQueryValueEx(NPKey, "LogonOptions", NULL,
&LSPtype, (LPBYTE)&LogonOption, &LSPsize);
&LSPtype, (LPBYTE)&LogonOption, &LSPsize);
RegCloseKey (NPKey);
if ((code!=0) || (LSPtype!=REG_DWORD))
LogonOption=LOGON_OPTION_INTEGRATED; /*default to integrated logon only*/
DebugEvent("AFS AfsLogon - NPLogonNotify","LogonOption[%x], Service AutoStart[%d]",LogonOption,AFSWillAutoStart());
DebugEvent("AFS AfsLogon - NPLogonNotify","LogonOption[%x], Service AutoStart[%d]",
LogonOption,AFSWillAutoStart());
/* Check for zero length password if integrated logon*/
if ( ISLOGONINTEGRATED(LogonOption) && (password[0] == 0) ) {
code = GT_PW_NULL;
@ -398,87 +399,97 @@ DWORD APIENTRY NPLogonNotify(
afsWillAutoStart = AFSWillAutoStart();
*lpLogonScript = GetLogonScript(GenRandomName(RandomName)); /*only do if high security option is on*/
/*only do if high security option is on*/
if (ISHIGHSECURITY(LogonOption))
*lpLogonScript = GetLogonScript(GenRandomName(RandomName));
else
*lpLogonScript = GetLogonScript(uname);
/* loop until AFS is started. */
while (TRUE) {
code=0;
code=0;
/* is service started yet?*/
if (ISLOGONINTEGRATED(LogonOption) && !ISHIGHSECURITY(LogonOption)) /* if Integrated Logon only */
/* is service started yet?*/
DebugEvent("AFS AfsLogon - ka_UserAuthenticateGeneral2","Code[%x] uname[%s] Cell[%s]",
code,uname,cell);
/* if Integrated Logon only */
if (ISLOGONINTEGRATED(LogonOption) && !ISHIGHSECURITY(LogonOption))
{
DebugEvent("AFS AfsLogon - ka_UserAuthenticateGeneral2","Code[%x],uame[%s] Cell[%s]",code,uname,cell);
code = ka_UserAuthenticateGeneral2(
KA_USERAUTH_VERSION+KA_USERAUTH_AUTHENT_LOGON,
uname, "", cell, password,uname, 0, &pw_exp, 0,
&reason);
DebugEvent("AFS AfsLogon - (INTEGERTED only)ka_UserAuthenticateGeneral2","Code[%x]",code);
} else if (ISLOGONINTEGRATED(LogonOption) && ISHIGHSECURITY(LogonOption)) /* if Integrated Logon and High Security pass random generated name*/
code = ka_UserAuthenticateGeneral2(KA_USERAUTH_VERSION+KA_USERAUTH_AUTHENT_LOGON,
uname, "", cell, password,uname, 0, &pw_exp, 0,
&reason);
DebugEvent("AFS AfsLogon - (INTEGRATED only)ka_UserAuthenticateGeneral2","Code[%x]",
code);
}
/* if Integrated Logon and High Security pass random generated name*/
else if (ISLOGONINTEGRATED(LogonOption) && ISHIGHSECURITY(LogonOption))
{
code = ka_UserAuthenticateGeneral2(
KA_USERAUTH_VERSION+KA_USERAUTH_AUTHENT_LOGON,
uname, "", cell, password,RandomName, 0, &pw_exp, 0,
&reason);
DebugEvent("AFS AfsLogon - (Both)ka_UserAuthenticateGeneral2","Code[%x],RandomName[%s]",code,RandomName);
} else { /*JUST check to see if its running*/
code = ka_UserAuthenticateGeneral2(KA_USERAUTH_VERSION+KA_USERAUTH_AUTHENT_LOGON,
uname, "", cell, password,RandomName, 0, &pw_exp, 0,
&reason);
DebugEvent("AFS AfsLogon - (Both)ka_UserAuthenticateGeneral2","Code[%x] RandomName[%s]",
code, RandomName);
} else {
/*JUST check to see if its running*/
if (IsServiceRunning())
break;
break;
code = KTC_NOCM;
if (!afsWillAutoStart)
break;
break;
}
/* If we've failed because the client isn't running yet and the
* client is set to autostart (and therefore it makes sense for
* us to wait for it to start) then sleep a while and try again.
* If the error was something else, then give up. */
* client is set to autostart (and therefore it makes sense for
* us to wait for it to start) then sleep a while and try again.
* If the error was something else, then give up. */
if (code != KTC_NOCM && code != KTC_NOCMRPC || !afsWillAutoStart)
break;
/* If the retry interval has expired and we still aren't
* logged in, then just give up if we are not in interactive
* mode or the failSilently flag is set, otherwise let the
* user know we failed and give them a chance to try again. */
/* If the retry interval has expired and we still aren't
* logged in, then just give up if we are not in interactive
* mode or the failSilently flag is set, otherwise let the
* user know we failed and give them a chance to try again. */
if (retryInterval <= 0) {
reason = "AFS not running";
if (!interactive || failSilently)
break;
reason = "AFS not running";
if (!interactive || failSilently)
break;
flag = MessageBox(hwndOwner,
"AFS is still starting. Retry?",
"AFS Logon",
MB_ICONQUESTION | MB_RETRYCANCEL);
"AFS is still starting. Retry?",
"AFS Logon",
MB_ICONQUESTION | MB_RETRYCANCEL);
if (flag == IDCANCEL)
break;
/* Wait just a little while and try again */
retryInterval = sleepInterval = DEFAULT_SLEEP_INTERVAL;
break;
/* Wait just a little while and try again */
retryInterval = sleepInterval = DEFAULT_SLEEP_INTERVAL;
}
if (retryInterval < sleepInterval)
sleepInterval = retryInterval;
Sleep(sleepInterval * 1000);
retryInterval -= sleepInterval;
}
}
if (code) {
char msg[128];
char msg[128];
sprintf(msg, "Integrated login failed: %s", reason);
if (interactive && !failSilently)
MessageBox(hwndOwner, msg, "AFS Logon", MB_OK);
else {
HANDLE h;
char *ptbuf[1];
h = RegisterEventSource(NULL, AFS_DAEMON_EVENT_NAME);
ptbuf[0] = msg;
ReportEvent(h, EVENTLOG_WARNING_TYPE, 0, 1008, NULL,
1, 0, ptbuf, NULL);
DeregisterEventSource(h);
}
HANDLE h;
char *ptbuf[1];
h = RegisterEventSource(NULL, AFS_DAEMON_EVENT_NAME);
ptbuf[0] = msg;
ReportEvent(h, EVENTLOG_WARNING_TYPE, 0, 1008, NULL,
1, 0, ptbuf, NULL);
DeregisterEventSource(h);
}
code = MapAuthError(code);
SetLastError(code);
if (ISHIGHSECURITY(LogonOption) && (code!=0))