mirror of
https://git.openafs.org/openafs.git
synced 2025-01-22 17:00:15 +00:00
auth: Get correct viceid in legacy GetToken
When ktc_GetTokenEx needs to get tokens via the legacy ktc_GetToken interface, it was not extracting the viceid. Make it set the viceid so the caller gets the correct id. Normally this would require parsing the given client name. To reduce the amount of times we store and extract the viced from the "AFS ID %d" string, create a helper GetToken function that can store the viceid directly, without storing it in a string. Change-Id: Ib03a419aee6eaed3b253c4d5d575d4dd8d3b8ddc Reviewed-on: http://gerrit.openafs.org/4482 Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk> Reviewed-by: Derrick Brashear <shadow@dementix.org>
This commit is contained in:
parent
59b47fba3f
commit
735873d515
@ -154,6 +154,10 @@ static struct {
|
||||
0}, {
|
||||
0}};
|
||||
|
||||
static int
|
||||
GetToken(struct ktc_principal *aserver, struct ktc_token *atoken,
|
||||
int atokenLen, struct ktc_principal *alicnet, afs_int32 *aviceid);
|
||||
|
||||
|
||||
#define MAXPIOCTLTOKENLEN \
|
||||
(3*sizeof(afs_int32)+MAXKTCTICKETLEN+sizeof(struct ClearToken)+MAXKTCREALMLEN)
|
||||
@ -475,9 +479,9 @@ ktc_GetTokenEx(char *cellName, struct ktc_setTokenData **tokenSet) {
|
||||
*/
|
||||
if (code == -1 && errno == EINVAL) {
|
||||
struct ktc_principal server;
|
||||
struct ktc_principal client;
|
||||
struct ktc_tokenUnion token;
|
||||
struct ktc_token *ktcToken; /* too huge for the stack */
|
||||
afs_int32 viceid;
|
||||
|
||||
memset(&server, 0, sizeof(server));
|
||||
ktcToken = malloc(sizeof(struct ktc_token));
|
||||
@ -487,8 +491,8 @@ ktc_GetTokenEx(char *cellName, struct ktc_setTokenData **tokenSet) {
|
||||
|
||||
strcpy(server.name, "afs");
|
||||
strcpy(server.cell, cellName);
|
||||
code = ktc_GetToken(&server, ktcToken, sizeof(struct ktc_token),
|
||||
&client);
|
||||
code = GetToken(&server, ktcToken, sizeof(struct ktc_token),
|
||||
NULL /*client*/, &viceid);
|
||||
if (code == 0) {
|
||||
*tokenSet = token_buildTokenJar(cellName);
|
||||
token.at_type = AFSTOKEN_UNION_KAD;
|
||||
@ -502,6 +506,7 @@ ktc_GetTokenEx(char *cellName, struct ktc_setTokenData **tokenSet) {
|
||||
= ktcToken->ticketLen;
|
||||
token.ktc_tokenUnion_u.at_kad.rk_ticket.rk_ticket_val
|
||||
= ktcToken->ticket;
|
||||
token.ktc_tokenUnion_u.at_kad.rk_viceid = viceid;
|
||||
|
||||
token_addToken(*tokenSet, &token);
|
||||
|
||||
@ -535,6 +540,13 @@ ktc_GetTokenEx(char *cellName, struct ktc_setTokenData **tokenSet) {
|
||||
int
|
||||
ktc_GetToken(struct ktc_principal *aserver, struct ktc_token *atoken,
|
||||
int atokenLen, struct ktc_principal *aclient)
|
||||
{
|
||||
return GetToken(aserver, atoken, atokenLen, aclient, NULL);
|
||||
}
|
||||
|
||||
static int
|
||||
GetToken(struct ktc_principal *aserver, struct ktc_token *atoken,
|
||||
int atokenLen, struct ktc_principal *aclient, afs_int32 *aviceid)
|
||||
{
|
||||
struct ViceIoctl iob;
|
||||
char tbuffer[MAXPIOCTLTOKENLEN];
|
||||
@ -549,6 +561,9 @@ ktc_GetToken(struct ktc_principal *aserver, struct ktc_token *atoken,
|
||||
#ifdef AFS_KERBEROS_ENV
|
||||
char found = 0;
|
||||
#endif
|
||||
if (aviceid) {
|
||||
*aviceid = 0;
|
||||
}
|
||||
|
||||
LOCK_GLOBAL_MUTEX;
|
||||
|
||||
@ -684,15 +699,22 @@ ktc_GetToken(struct ktc_principal *aserver, struct ktc_token *atoken,
|
||||
sizeof(struct ktc_encryptionKey));
|
||||
atoken->ticketLen = tktLen;
|
||||
|
||||
if (aclient || aviceid) {
|
||||
if (aclient) {
|
||||
strcpy(aclient->cell, cellp);
|
||||
aclient->instance[0] = 0;
|
||||
}
|
||||
|
||||
if ((atoken->kvno == 999) || /* old style bcrypt ticket */
|
||||
(ct.BeginTimestamp && /* new w/ prserver lookup */
|
||||
(((ct.EndTimestamp - ct.BeginTimestamp) & 1) == 1))) {
|
||||
if (aclient) {
|
||||
sprintf(aclient->name, "AFS ID %d", ct.ViceId);
|
||||
} else {
|
||||
}
|
||||
if (aviceid) {
|
||||
*aviceid = ct.ViceId;
|
||||
}
|
||||
} else if (aclient) {
|
||||
sprintf(aclient->name, "Unix UID %d", ct.ViceId);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user