#include <afsconfig.h>
#include <afs/param.h>
+#include <afs/stds.h>
#include <roken.h>
+#include <afs/opr.h>
-#include <afs/stds.h>
-#include <sys/types.h>
#ifdef AFS_NT40_ENV
-#include <winsock2.h>
#include <WINNT/afsevent.h>
-#else
-#include <sys/file.h>
-#include <netdb.h>
-#include <netinet/in.h>
-#endif
-#include "kalog.h" /* for OpenLog() */
-#include <time.h>
-#include <stdio.h>
-#include <string.h>
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#ifdef AFS_AIX32_ENV
-#include <signal.h>
#endif
+
+
#include <lwp.h>
#include <rx/xdr.h>
#include <rx/rx.h>
#include <afs/com_err.h>
#include <afs/audit.h>
#include <ubik.h>
-#include <sys/stat.h>
+
+#include "kalog.h" /* for OpenLog() */
#include "kauth.h"
#include "kauth_internal.h"
#include "kautils.h"
int MinHours = 0;
int npwSums = KA_NPWSUMS; /* needs to be variable sometime */
-#include <stdarg.h>
#if !defined(AFS_NT40_ENV) && !defined(AFS_LINUX20_ENV) && !defined(AFS_DARWIN_ENV) && !defined(AFS_XBSD_ENV)
#undef vfprintf
#define vfprintf(stream,fmt,args) _doprnt(fmt,args,stream)
return afsconf_SuperUser(KA_conf, call, NULL);
}
+/**
+ * Return true if this name is a member of the local realm.
+ */
+static int
+KA_IsLocalRealmMatch(void *rock, char *name, char *inst, char *cell)
+{
+ struct afsconf_dir *dir = (struct afsconf_dir *)rock;
+ afs_int32 islocal = 0; /* default to no */
+ int code;
+
+ code = afsconf_IsLocalRealmMatch(dir, &islocal, name, inst, cell);
+ if (code) {
+ ViceLog(0,
+ ("Failed local realm check; code=%d, name=%s, inst=%s, cell=%s\n",
+ code, name, inst, cell));
+ }
+ return islocal;
+}
+
afs_int32
es_Report(char *fmt, ...)
{
ViceLog(0, ("Using server list from %s cell database.\n", cell));
}
+ /* initialize audit user check */
+ osi_audit_set_user_check(KA_conf, KA_IsLocalRealmMatch);
+
/* initialize ubik */
if (level == rxkad_clear)
- ubik_CRXSecurityProc = afsconf_ClientAuth;
+ ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate,
+ KA_conf);
else if (level == rxkad_crypt)
- ubik_CRXSecurityProc = afsconf_ClientAuthSecure;
+ ubik_SetClientSecurityProcs(afsconf_ClientAuthSecure,
+ afsconf_UpToDate, KA_conf);
else {
ViceLog(0, ("Unsupported security level %d\n", level));
exit(5);
ViceLog(0,
("Using level %s for Ubik connections.\n",
(level == rxkad_crypt ? "crypt" : "clear")));
- ubik_CRXSecurityRock = (char *)KA_conf;
- ubik_SRXSecurityProc = afsconf_ServerAuth;
- ubik_SRXSecurityRock = (char *)KA_conf;
- ubik_CheckRXSecurityProc = afsconf_CheckAuth;
- ubik_CheckRXSecurityRock = (char *)KA_conf;
+
+ ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects,
+ afsconf_CheckAuth,
+ KA_conf);
ubik_nBuffers = 80;