From 5df08384dc1da675020b205c12a1244a2d833afd Mon Sep 17 00:00:00 2001
From: Andrew Deason <adeason@sinenomine.net>
Date: Thu, 18 May 2023 14:22:16 -0500
Subject: [PATCH] tsm41: Fix various errors in aix_aklog.c

The clang-based xlc 17.1 compiler on AIX throws various errors when
compiling aix_aklog.c. Fix them:

- We make a couple of pr_* calls, but don't include ptuser.h. Include
  it, to get the prototypes for those functions. (Also make the tsm41
  dir depend on ptserver, to ensure the header is available.)

- Include ctype.h for the functions islower(), et al.

- Move aklog_authenticate() to after auth_to_cell(), so auth_to_cell()
  is defined before it is referenced.

Also declare most of our functions as 'static' while we're here.

Change-Id: I0d3ce2c1e4bab3d20969f869128fc603c71bc019
Reviewed-on: https://gerrit.openafs.org/15448
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Ben Huntsman <ben@huntsmans.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
---
 Makefile.in           |  2 +-
 src/tsm41/aix_aklog.c | 87 ++++++++++++++++++++++---------------------
 2 files changed, 45 insertions(+), 44 deletions(-)

diff --git a/Makefile.in b/Makefile.in
index 28389c8b4f..288f434a95 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -381,7 +381,7 @@ pam: auth libafsauthent
 		echo Skipping pam for ${SYS_NAME} ; \
 	fi
 
-tsm41: cmd comerr kauth rxkad
+tsm41: cmd comerr ptserver kauth rxkad
 	+set -x; \
 	case ${SYS_NAME} in \
 	rs_aix* ) \
diff --git a/src/tsm41/aix_aklog.c b/src/tsm41/aix_aklog.c
index 5486af5175..911798e048 100644
--- a/src/tsm41/aix_aklog.c
+++ b/src/tsm41/aix_aklog.c
@@ -28,6 +28,7 @@
 #include <errno.h>
 #include <usersec.h>
 #include <syslog.h>
+#include <ctype.h>
 
 #include <krb5.h>
 
@@ -38,6 +39,7 @@
 #include <afs/ktc.h>
 #include <afs/token.h>
 #include <afs/ptserver.h>
+#include <afs/ptuser.h>
 #include "aix_auth_prototypes.h"
 
 static int uidpag = 0;
@@ -112,7 +114,7 @@ static int get_user_realm(krb5_context, char *);
 #error "Must have either keyblock or session member of krb5_creds"
 #endif
 
-char *
+static char *
 afs_realm_of_cell(krb5_context context, struct afsconf_cell *cellconfig, int fallback)
 {
     static char krbrlm[REALM_SZ+1];
@@ -145,43 +147,6 @@ afs_realm_of_cell(krb5_context context, struct afsconf_cell *cellconfig, int fal
     return krbrlm;
 }
 
-int
-aklog_authenticate(char *userName, char *response, int *reenter, char **message)
-{
-    char *reason, *pword, prompt[256];
-    struct passwd *pwd;
-    int code, unixauthneeded, password_expires = -1;
-    int status;
-    krb5_context context;
-
-    syslog(LOG_AUTH|LOG_DEBUG, "LAM aklog: uidpag %s localuid %s",
-                               uidpag ? "yes" : "no",
-                               localuid ? "yes" : "no");
-
-    krb5_init_context(&context);
-    *reenter = 0;
-    *message = (char *)0;
-
-    status = auth_to_cell(context, userName, NULL, NULL);
-
-    if (status) {
-	char *str = afs_error_message(status);
-	*message = malloc(1024);
-#ifdef HAVE_KRB5_SVC_GET_MSG
-	if (strncmp(str, "unknown", strlen("unknown")) == 0) {
-	    krb5_svc_get_msg(status,&str);
-	    sprintf(*message, "Unable to obtain AFS tokens: %s.\n",
-                    str);
-	    krb5_free_string(context, str);
-	} else
-#endif
-	    sprintf(*message, "Unable to obtain AFS tokens: %s.\n",
-		    str);
-	return AUTH_FAILURE; /* NOTFOUND? */
-    }
-    return AUTH_SUCCESS;
-}
-
 static krb5_error_code
 get_credv5(krb5_context context, char *user,
 	   char *name, char *inst, char *realm,
@@ -221,7 +186,6 @@ get_credv5(krb5_context context, char *user,
     return r;
 }
 
-
 static int
 get_user_realm(krb5_context context, char *realm)
 {
@@ -241,26 +205,26 @@ get_user_realm(krb5_context context, char *realm)
     return 0;
 }
 
-int
+static int
 aklog_chpass(char *userName, char *oldPasswd, char *newPasswd, char **message)
 {
     return AUTH_SUCCESS;
 }
 
-int
+static int
 aklog_passwdexpired(char *userName, char **message)
 {
     return AUTH_SUCCESS;
 }
 
-int
+static int
 aklog_passwdrestrictions(char *userName, char *newPasswd, char *oldPasswd,
 			 char **message)
 {
     return AUTH_SUCCESS;
 }
 
-char *
+static char *
 aklog_getpasswd(char * userName)
 {
     errno = ENOSYS;
@@ -663,6 +627,43 @@ auth_to_cell(krb5_context context, char *user, char *cell, char *realm)
     return(status);
 }
 
+static int
+aklog_authenticate(char *userName, char *response, int *reenter, char **message)
+{
+    char *reason, *pword, prompt[256];
+    struct passwd *pwd;
+    int code, unixauthneeded, password_expires = -1;
+    int status;
+    krb5_context context;
+
+    syslog(LOG_AUTH|LOG_DEBUG, "LAM aklog: uidpag %s localuid %s",
+			       uidpag ? "yes" : "no",
+			       localuid ? "yes" : "no");
+
+    krb5_init_context(&context);
+    *reenter = 0;
+    *message = (char *)0;
+
+    status = auth_to_cell(context, userName, NULL, NULL);
+
+    if (status) {
+	char *str = afs_error_message(status);
+	*message = malloc(1024);
+#ifdef HAVE_KRB5_SVC_GET_MSG
+	if (strncmp(str, "unknown", strlen("unknown")) == 0) {
+	    krb5_svc_get_msg(status,&str);
+	    sprintf(*message, "Unable to obtain AFS tokens: %s.\n",
+		    str);
+	    krb5_free_string(context, str);
+	} else
+#endif
+	    sprintf(*message, "Unable to obtain AFS tokens: %s.\n",
+		    str);
+	return AUTH_FAILURE; /* NOTFOUND? */
+    }
+    return AUTH_SUCCESS;
+}
+
 int
 aklog_initialize(struct secmethod_table *meths)
 {