#endif
#include <afs/vice.h>
-#include <afs/auth.h>
+#include "auth.h"
#include <afs/venus.h>
#include <afs/afsutil.h>
#include "ktc.h"
#ifdef AFS_KERBEROS_ENV
-#include <afs/cellconfig.h>
+#include "cellconfig.h"
static char lcell[MAXCELLCHARS];
#define TKT_ROOT "/tmp/tkt"
static void ktc_LocalCell(void);
#endif /* AFS_KERBEROS_ENV */
-#ifdef AFS_DUX40_ENV
-#define PIOCTL afs_pioctl
-#elif defined(UKERNEL)
+#if defined(UKERNEL)
#define PIOCTL(A,B,C,D) (errno = (call_syscall(AFSCALL_PIOCTL,A,B,C,D)), errno?-1:0)
#else
#define PIOCTL pioctl
struct ktc_principal server;
struct ktc_principal client;
struct ktc_token token;
-} local_tokens[MAXLOCALTOKENS] = { {
-0}, {
-0}, {
-0}, {
-0}};
+} local_tokens[MAXLOCALTOKENS];
static int
GetToken(struct ktc_principal *aserver, struct ktc_token *atoken,
0)) {
found = i; /* replace existing entry */
break;
- } else /* valid, but no match */
- ;
+ } else {
+ /* valid, but no match */
+ }
} else
found = i; /* remember this empty slot */
if (found == -1)
#endif /* NO_AFS_CLIENT */
if (code)
return KTC_PIOCTLFAIL;
+#if defined(AFS_LINUX26_ENV) && defined(SYS_keyctl)
+ else
+ /*
+ * If we're using keyring based PAGs and the SESSION_TO_PARENT keyctl
+ * is available, use it to copy the session keyring to the parent process
+ */
+ if (flags & AFS_SETTOK_SETPAG)
+ syscall(SYS_keyctl, KEYCTL_SESSION_TO_PARENT);
+#endif
return 0;
}
memset(&server, 0, sizeof(server));
strcpy(server.name, "afs");
- strcpy(server.cell, token->cell);
+ if (strlcpy(server.cell, token->cell, sizeof(server.cell))
+ >= sizeof(server.cell)) {
+ free(rxkadToken);
+ return KTC_INVAL;
+ }
code = ktc_SetToken(&server, rxkadToken, &client, flags);
free(rxkadToken);
return code;
/* got token for cell; check that it will fit */
maxLen =
atokenLen - sizeof(struct ktc_token) + MAXKTCTICKETLEN;
- if (maxLen < tktLen) {
+ if (tktLen < 0 || tktLen > maxLen) {
UNLOCK_GLOBAL_MUTEX;
return KTC_TOOBIG;
}
code = PIOCTL(0, VIOC_GETTOK2, &iob, 0);
+ if (code == -1 && errno == EDOM)
+ return KTC_NOENT; /* no more tokens to be found */
+
/* Can't use new pioctl, so must use old one */
if (code == -1 && errno == EINVAL) {
struct ktc_principal server;
afs_uint32 g0, g1;
afs_uint32 h, l, ret;
int ngroups;
-#ifdef AFS_LINUX26_ENV
+#ifdef AFS_PAG_ONEGROUP_ENV
int i;
#endif
ngroups = getgroups(sizeof groups / sizeof groups[0], groups);
-#ifdef AFS_LINUX26_ENV
- /* check for AFS_LINUX26_ONEGROUP_ENV PAGs */
+#ifdef AFS_PAG_ONEGROUP_ENV
+ /* Check for one-group PAGs. */
for (i = 0; i < ngroups; i++) {
if (((groups[i] >> 24) & 0xff) == 'A') {
return groups[i];
* <mit-copyright.h>.
*/
-#if 0
-#include <sys/file.h>
-#include <krb.h>
-#endif
-
#define TOO_BIG -1
#define TF_LCK_RETRY ((unsigned)2) /* seconds to sleep before
* retry if ticket file is