#include "ktc.h"
#include "auth.h"
+#ifdef AFS_RXGK_ENV
+# include <rx/rxgk.h>
+#endif
+
/* return a null security object if nothing else can be done */
static afs_int32
QuickAuth(struct rx_securityClass **astr, afs_int32 *aindex)
return 0;
}
-#if !defined(UKERNEL)
static int _afsconf_GetRxkadKrb5Key(void *arock, int kvno, int enctype, void *outkey,
size_t *keylen)
{
return 2;
}
}
-#endif /* !defined(UKERNEL) */
static afs_int32
GenericAuth(struct afsconf_dir *adir,
afs_int32 *aindex,
rxkad_level enclevel)
{
-#ifdef UKERNEL
- return QuickAuth(astr, aindex);
-#else
int enctype_preflist[]={18, 17, 23, 16, 0};
char tbuffer[512];
struct ktc_encryptionKey key, session;
return QuickAuth(astr, aindex);
}
- /* Next, we have ticket, kvno and session key, authenticate the connection.
- * We use a magic # instead of a constant because of basic compilation
- * order when compiling the system from scratch (rx/rxkad.h isn't installed
- * yet). */
+ /* Next, we have ticket, kvno and session key, authenticate the connection.*/
tclass = (struct rx_securityClass *)
rxkad_NewClientSecurityObject(enclevel, &session, kvno, ticketLen,
tbuffer);
*astr = tclass;
*aindex = RX_SECIDX_KAD;
return 0;
-#endif
}
/* build a fake ticket for 'afs' using keys from adir, returning an
* Build a set of security classes suitable for a server accepting
* incoming connections
*/
-#if !defined(UKERNEL)
void
afsconf_BuildServerSecurityObjects(void *rock,
struct rx_securityClass ***classes,
{
struct afsconf_dir *dir = rock;
- if (dir->securityFlags & AFSCONF_SECOPTS_ALWAYSENCRYPT)
- *numClasses = 4;
- else
- *numClasses = 3;
+ *numClasses = RX_SECIDX_GK+1;
*classes = calloc(*numClasses, sizeof(**classes));
(*classes)[RX_SECIDX_NULL] = rxnull_NewServerSecurityObject();
- (*classes)[RX_SECIDX_VAB] = NULL;
(*classes)[RX_SECIDX_KAD] =
rxkad_NewKrb5ServerSecurityObject(0, dir, afsconf_GetKey,
_afsconf_GetRxkadKrb5Key, NULL);
(*classes)[RX_SECIDX_KAE] =
rxkad_NewKrb5ServerSecurityObject(rxkad_crypt, dir, afsconf_GetKey,
_afsconf_GetRxkadKrb5Key, NULL);
-}
+#ifdef AFS_RXGK_ENV
+ (*classes)[RX_SECIDX_GK] =
+ rxgk_NewServerSecurityObject(rock, afsconf_GetRXGKKey);
#endif
+}
/*!
* Pick a security class to use for an outgoing connection