/*
* Copyright 2000, International Business Machines Corporation and others.
* All Rights Reserved.
- *
+ *
* This software has been released under the terms of the IBM Public
* License. For details, see the LICENSE file in the top-level source
* directory or online at http://www.openafs.org/dl/license10.html
#include <afsconfig.h>
#include <afs/param.h>
-RCSID
- ("$Header$");
#include "uss_kauth.h" /*Module interface */
#include "uss_common.h" /*Common defs & operations */
#include <errno.h>
#include <pwd.h>
-#ifdef HAVE_STRING_H
#include <string.h>
-#else
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-#endif
#include <afs/com_err.h>
#include <afs/kautils.h> /*MAXKTCREALMLEN*/
#include <afs/kaport.h> /* pack_long */
+#include <afs/kauth.h>
#define uss_kauth_MAX_SIZE 2048
#undef USS_KAUTH_DB
/*
*-----------------------------------------------------------------------*/
afs_int32
-uss_kauth_InitAccountCreator()
+uss_kauth_InitAccountCreator(void)
{ /*uss_kauth_InitAccountCreator */
char *name;
int Pipe = 0;
static char *
-getpipepass()
+getpipepass(void)
{
static char gpbuf[BUFSIZ];
/* read a password from stdin, stop on \n or eof */
- register int i, tc;
+ int i, tc;
memset(gpbuf, 0, sizeof(gpbuf));
for (i = 0; i < (sizeof(gpbuf) - 1); i++) {
tc = fgetc(stdin);
afs_int32
-InitThisModule()
+InitThisModule(void)
{ /*InitThisModule */
-
+#ifdef USS_KAUTH_DB
static char rn[] = "uss_kauth:InitThisModule";
- register afs_int32 code;
- char *name, prompt[2 * MAXKTCNAMELEN + 20];
+#endif
+ afs_int32 code;
+ char prompt[2 * MAXKTCNAMELEN + 20];
char *reasonString, longPassBuff[1024], shortPassBuff[9];
struct ktc_encryptionKey key;
- struct ktc_token token, tok;
- struct ktc_principal Name;
+ struct ktc_token token;
+ struct ktc_principal Name, tok;
/*
* Only call this routine once.
sizeof(longPassBuff), /*Size of above */
&reasonString);
if (code) {
- com_err(uss_whoami, code, "while getting password ");
+ afs_com_err(uss_whoami, code, "while getting password ");
#ifdef USS_KAUTH_DB
printf("%s: Error code from ka_UserReadPassword(): %d\n", rn,
code);
* to truncate the password to generate the appropriate
* key.
*/
- com_err(uss_whoami, code,
+ afs_com_err(uss_whoami, code,
"while getting administrator token (trying shortened password next...)");
#ifdef USS_KAUTH_DB
printf("%s: Error code from ka_GetAdminToken: %d\n", rn,
uss_Cell, &key, 24 * 60 * 60, &token,
0 /*new */ );
if (code) {
- com_err(uss_whoami, code,
+ afs_com_err(uss_whoami, code,
"while getting administrator token (possibly wrong password, or not an administrative account)");
#ifdef USS_KAUTH_DB
printf("%s: Error code from ka_GetAdminToken: %d\n", rn,
* We failed to get an admin token, but the password is
* of a reasonable length, so we're just hosed.
*/
- com_err(uss_whoami, code,
+ afs_com_err(uss_whoami, code,
"while getting administrator token (possibly wrong password, or not an administrative account)");
#ifdef USS_KAUTH_DB
printf("%s: Error code from ka_GetAdminToken: %d\n", rn,
ka_AuthServerConn(uss_Cell, KA_MAINTENANCE_SERVICE, &token,
&uconn_kauthP);
if (code) {
- com_err(uss_whoami, code,
+ afs_com_err(uss_whoami, code,
"while establishing Authentication Server connection");
#ifdef USS_KAUTH_DB
printf("%s: Error code from ka_AuthServerConn: %d\n", rn, code);
strcpy(Name.name, "afs");
Name.instance[0] = '\0';
strncpy(Name.cell, uss_Cell, sizeof(Name.cell));
- if (code =
- ktc_GetToken(&Name, &token, sizeof(struct ktc_token), &tok)) {
+ if ((code =
+ ktc_GetToken(&Name, &token, sizeof(struct ktc_token), &tok))) {
code =
ka_UserAuthenticateLife(0, uss_AccountCreator,
CreatorInstance, uss_Cell,
*------------------------------------------------------------------------*/
afs_int32
-uss_kauth_AddUser(a_user, a_passwd)
- char *a_user;
- char *a_passwd;
-
+uss_kauth_AddUser(char *a_user, char *a_passwd)
{ /*uss_kauth_AddUser */
-
+#ifdef USS_KAUTH_DB
static char rn[] = "uss_kauth_AddUser"; /*Routine name */
- struct ktc_encryptionKey key;
+#endif
+ struct ktc_encryptionKey ktc_key;
+ EncryptionKey key;
afs_int32 code;
if (uss_SkipKaserver) {
* Given the (unencrypted) password and cell, generate a key to
* pass to the AuthServer.
*/
- ka_StringToKey(a_passwd, uss_Cell, &key);
+ ka_StringToKey(a_passwd, uss_Cell, &ktc_key);
+
+ memcpy(&key, &ktc_key, sizeof(key)); /* XXX - we could just cast */
if (!uss_DryRun) {
if (uss_verbose)
"%s: KAM_CreateUser: user='%s', CreatorInstance='%s', %d bytes\n",
rn, a_user, CreatorInstance, strlen(CreatorInstance));
#endif /* USS_KAUTH_DB_INSTANCE */
- code = ubik_Call(KAM_CreateUser, uconn_kauthP, 0, a_user, UserInstance, /*set by CheckUsername() */
- key);
+ code = ubik_KAM_CreateUser(uconn_kauthP, 0, a_user,
+ UserInstance, /*set by CheckUsername() */
+ key);
if (code) {
if (code == KAEXIST) {
if (uss_verbose)
"%s: Warning: User '%s' already in Authentication DB\n",
uss_whoami, a_user);
} else {
- com_err(uss_whoami, code,
+ afs_com_err(uss_whoami, code,
"while adding user '%s' to Authentication DB",
a_user);
#ifdef USS_KAUTH_DB
*------------------------------------------------------------------------*/
afs_int32
-uss_kauth_DelUser(a_user)
- char *a_user;
-
+uss_kauth_DelUser(char *a_user)
{ /*uss_kauth_DelUser */
-
+#ifdef USS_KAUTH_DB
static char rn[] = "uss_kauth_DelUser"; /*Routine name */
- register afs_int32 code; /*Return code */
+#endif
+ afs_int32 code; /*Return code */
if (uss_SkipKaserver) {
/*
#endif /* USS_KAUTH_DB_INSTANCE */
if (uss_verbose)
printf("Deleting user '%s' from Authentication DB\n", a_user);
- code = ubik_Call(KAM_DeleteUser, /*Procedure to call */
+ code = ubik_KAM_DeleteUser(
uconn_kauthP, /*Ubik client connection struct */
0, /*Flags */
a_user, /*User name to delete */
uss_whoami, a_user);
return (0);
} else {
- com_err(uss_whoami, code,
+ afs_com_err(uss_whoami, code,
"while deleting entry in Authentication DB\n");
#ifdef USS_KAUTH_DB
printf("%s: Error code from KAM_DeleteUser: %d\n", rn, code);
*------------------------------------------------------------------------*/
afs_int32
-uss_kauth_CheckUserName()
+uss_kauth_CheckUserName(void)
{ /*uss_kauth_CheckUserName */
-
+#ifdef USS_KAUTH_DB
static char rn[] = "uss_kauth_CheckUserName"; /*Routine name */
- register afs_int32 code; /*Return code */
+#endif
+ afs_int32 code; /*Return code */
if (uss_SkipKaserver) {
/*
/*
* Use the AuthServer's own routine to decide if the parsed user name
* is legal. Specifically, it can't have any weird characters or
- * embedded instance or cell names.
+ * embedded instance or cell names.
*/
code = ka_ParseLoginName(uss_User, UserPrincipal, UserInstance, UserCell);
if (strlen(UserInstance) > 0) {
*/
afs_int32
-uss_kauth_SetFields(username, expirestring, reuse, failures, lockout)
- char *reuse;
- char *username;
- char *expirestring;
- char *failures;
- char *lockout;
+uss_kauth_SetFields(char *username, char *expirestring, char *reuse,
+ char *failures, char *lockout)
{
+#ifdef USS_KAUTH_DB
static char rn[] = "uss_kauth_SetFields";
+#endif
afs_int32 code;
char misc_auth_bytes[4];
int i;
if (!expiration)
expiration = uss_Expires;
code =
- ubik_Call(KAM_SetFields, uconn_kauthP, 0, username, &instance,
+ ubik_KAM_SetFields(uconn_kauthP, 0, username, &instance,
flags, expiration, lifetime, maxAssociates,
was_spare, /* spare */ 0);
} else
"Must specify one of the optional parameters. Continuing...\n");
if (code) {
- com_err(uss_whoami, code, "calling KAM_SetFields for %s.%s",
- username, instance);
+ afs_com_err(uss_whoami, code, "calling KAM_SetFields for %s",
+ username);
return (code);
}