openafs

jimzah/openafs

Fork 0

mirror of https://git.openafs.org/openafs.git synced 2025-01-18 23:10:58 +00:00

Commit Graph

Author	SHA1	Message	Date
Simon Wilkinson	0af17e7ecc	auth: Allow identities in the UserList Extend the userok interface provided by the auth library to permit the addition, deletion and inspection of identities within the UserList. A number of additional functions are added, as direct replacements for their Kerberos v4 only counterparts - these are: ) afsconf_DeleteIdentity ) afsconf_GetNthIdentity ) afsconf_AddIdentity ) afsconf_SuperIdentity In addition, a new function is added to allow the status of any given identity to be queried *) afsconf_IsSuperIdentity New form identities are stored within the same UserList file as Kerberos v4 identities. We take advantage of the fact that the current code skips any entry with a leading whitespace. Identities are stored as a single line, with a leading space, followed by the integer representation of their type (0 for Kerberos 4, 1 for GSSAPI), followed by the base64 encoded representation of their exported name, followed by the display name of the identity. Each field is whitespace separated. For example: 1 BAEACwYJKoZIhvcSAQICAAAAEHN4d0BJTkYuRUQuQUMuVUs= sxw@INF.ED.AC.UK is the representation of the GSSAPI identity "sxw@INF.ED.AC.UK" An addition to the test suite is also provided which will test all of the existing, and new super user manipulation functions. Change-Id: I50648bb1ecc3037a90d623c87a60193be4f122ff Reviewed-on: http://gerrit.openafs.org/3355 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org>	2010-11-24 19:16:12 -08:00

Author

SHA1

Message

Date

Simon Wilkinson

0af17e7ecc

auth: Allow identities in the UserList

Extend the userok interface provided by the auth library to permit the
addition, deletion and inspection of identities within the UserList.

A number of additional functions are added, as direct replacements for
their Kerberos v4 only counterparts - these are:
 *) afsconf_DeleteIdentity
 *) afsconf_GetNthIdentity
 *) afsconf_AddIdentity
 *) afsconf_SuperIdentity

In addition, a new function is added to allow the status of any given
identity to be queried
 *) afsconf_IsSuperIdentity

New form identities are stored within the same UserList file as
Kerberos v4 identities. We take advantage of the fact that the current
code skips any entry with a leading whitespace. Identities are stored as
a single line, with a leading space, followed by the integer
representation of their type (0 for Kerberos 4, 1 for GSSAPI), followed
by the base64 encoded representation of their exported name, followed by
the display name of the identity. Each field is whitespace separated.

For example:
 1 BAEACwYJKoZIhvcSAQICAAAAEHN4d0BJTkYuRUQuQUMuVUs= sxw@INF.ED.AC.UK
is the representation of the GSSAPI identity "sxw@INF.ED.AC.UK"

An addition to the test suite is also provided which will test all of
the existing, and new super user manipulation functions.

Change-Id: I50648bb1ecc3037a90d623c87a60193be4f122ff
Reviewed-on: http://gerrit.openafs.org/3355
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>

2010-11-24 19:16:12 -08:00

1 2

51 Commits