From 735873d51512bc31134856c06345bb7caf9d8144 Mon Sep 17 00:00:00 2001 From: Andrew Deason Date: Thu, 14 Apr 2011 15:36:50 -0500 Subject: [PATCH] auth: Get correct viceid in legacy GetToken When ktc_GetTokenEx needs to get tokens via the legacy ktc_GetToken interface, it was not extracting the viceid. Make it set the viceid so the caller gets the correct id. Normally this would require parsing the given client name. To reduce the amount of times we store and extract the viced from the "AFS ID %d" string, create a helper GetToken function that can store the viceid directly, without storing it in a string. Change-Id: Ib03a419aee6eaed3b253c4d5d575d4dd8d3b8ddc Reviewed-on: http://gerrit.openafs.org/4482 Tested-by: Simon Wilkinson Reviewed-by: Derrick Brashear --- src/auth/ktc.c | 38 ++++++++++++++++++++++++++++++-------- 1 file changed, 30 insertions(+), 8 deletions(-) diff --git a/src/auth/ktc.c b/src/auth/ktc.c index 5beb2d81cc..138a8441d1 100644 --- a/src/auth/ktc.c +++ b/src/auth/ktc.c @@ -154,6 +154,10 @@ static struct { 0}, { 0}}; +static int +GetToken(struct ktc_principal *aserver, struct ktc_token *atoken, + int atokenLen, struct ktc_principal *alicnet, afs_int32 *aviceid); + #define MAXPIOCTLTOKENLEN \ (3*sizeof(afs_int32)+MAXKTCTICKETLEN+sizeof(struct ClearToken)+MAXKTCREALMLEN) @@ -475,9 +479,9 @@ ktc_GetTokenEx(char *cellName, struct ktc_setTokenData **tokenSet) { */ if (code == -1 && errno == EINVAL) { struct ktc_principal server; - struct ktc_principal client; struct ktc_tokenUnion token; struct ktc_token *ktcToken; /* too huge for the stack */ + afs_int32 viceid; memset(&server, 0, sizeof(server)); ktcToken = malloc(sizeof(struct ktc_token)); @@ -487,8 +491,8 @@ ktc_GetTokenEx(char *cellName, struct ktc_setTokenData **tokenSet) { strcpy(server.name, "afs"); strcpy(server.cell, cellName); - code = ktc_GetToken(&server, ktcToken, sizeof(struct ktc_token), - &client); + code = GetToken(&server, ktcToken, sizeof(struct ktc_token), + NULL /*client*/, &viceid); if (code == 0) { *tokenSet = token_buildTokenJar(cellName); token.at_type = AFSTOKEN_UNION_KAD; @@ -502,6 +506,7 @@ ktc_GetTokenEx(char *cellName, struct ktc_setTokenData **tokenSet) { = ktcToken->ticketLen; token.ktc_tokenUnion_u.at_kad.rk_ticket.rk_ticket_val = ktcToken->ticket; + token.ktc_tokenUnion_u.at_kad.rk_viceid = viceid; token_addToken(*tokenSet, &token); @@ -535,6 +540,13 @@ ktc_GetTokenEx(char *cellName, struct ktc_setTokenData **tokenSet) { int ktc_GetToken(struct ktc_principal *aserver, struct ktc_token *atoken, int atokenLen, struct ktc_principal *aclient) +{ + return GetToken(aserver, atoken, atokenLen, aclient, NULL); +} + +static int +GetToken(struct ktc_principal *aserver, struct ktc_token *atoken, + int atokenLen, struct ktc_principal *aclient, afs_int32 *aviceid) { struct ViceIoctl iob; char tbuffer[MAXPIOCTLTOKENLEN]; @@ -549,6 +561,9 @@ ktc_GetToken(struct ktc_principal *aserver, struct ktc_token *atoken, #ifdef AFS_KERBEROS_ENV char found = 0; #endif + if (aviceid) { + *aviceid = 0; + } LOCK_GLOBAL_MUTEX; @@ -684,15 +699,22 @@ ktc_GetToken(struct ktc_principal *aserver, struct ktc_token *atoken, sizeof(struct ktc_encryptionKey)); atoken->ticketLen = tktLen; - if (aclient) { - strcpy(aclient->cell, cellp); - aclient->instance[0] = 0; + if (aclient || aviceid) { + if (aclient) { + strcpy(aclient->cell, cellp); + aclient->instance[0] = 0; + } if ((atoken->kvno == 999) || /* old style bcrypt ticket */ (ct.BeginTimestamp && /* new w/ prserver lookup */ (((ct.EndTimestamp - ct.BeginTimestamp) & 1) == 1))) { - sprintf(aclient->name, "AFS ID %d", ct.ViceId); - } else { + if (aclient) { + sprintf(aclient->name, "AFS ID %d", ct.ViceId); + } + if (aviceid) { + *aviceid = ct.ViceId; + } + } else if (aclient) { sprintf(aclient->name, "Unix UID %d", ct.ViceId); } }