csc_policy_logon_updates-20040503
authorJeffrey Altman <jaltman@mit.edu>
Tue, 4 May 2004 05:05:25 +0000 (05:05 +0000)
committerJeffrey Altman <jaltman@secure-endpoints.com>
Tue, 4 May 2004 05:05:25 +0000 (05:05 +0000)
From Andrei: CSC Policies

Updates to afslogon.dll: attempt lowercased name on authentication failure
if LSA provided name is all upper-case.

src/WINNT/afsd/NTMakefile
src/WINNT/afsd/afslogon.c
src/WINNT/afsd/fs.c
src/WINNT/afsd/smb.c
src/WINNT/afsd/smb.h
src/WINNT/afsd/smb3.c

index 52bca39..a0c2840 100644 (file)
@@ -188,7 +188,7 @@ LOGON_DLLLIBS =\
        $(DESTDIR)\lib\libafsconf.lib
 
 $(LOGON_DLLFILE): $(LOGON_DLLOBJS) $(LOGON_DLLLIBS)
-       $(DLLGUILINK) $(LOGONLINKFLAGS) -def:afslogon.def dnsapi.lib
+       $(DLLGUILINK) $(LOGONLINKFLAGS) -def:afslogon.def dnsapi.lib secur32.lib
        $(DLLPREP)
        $(COPY) $*.lib $(DESTDIR)\lib
        $(DEL) $*.lib $*.exp
index 71d5354..9e6bac9 100644 (file)
@@ -339,6 +339,7 @@ DWORD APIENTRY NPLogonNotify(
     int sleepInterval = DEFAULT_SLEEP_INTERVAL;        /* seconds        */
     BOOLEAN afsWillAutoStart;
        CHAR RandomName[MAXRANDOMNAMELEN];
+    BOOLEAN uppercased_name = TRUE;
 
     /* Initialize Logon Script to none */
        *lpLogonScript=NULL;
@@ -356,6 +357,14 @@ DWORD APIENTRY NPLogonNotify(
     ctemp = strchr(uname, '@');
     if (ctemp) *ctemp = 0;
 
+    /* is the name all uppercase? */
+    for ( ctemp = uname; *ctemp ; ctemp++) {
+        if ( islower(*ctemp) ) {
+            uppercased_name = FALSE;
+            break;
+        }
+    }
+
        (void) RegOpenKeyEx(HKEY_LOCAL_MACHINE, REG_CLIENT_PARMS_KEY,
                         0, KEY_QUERY_VALUE, &NPKey);
        LSPsize=sizeof(TraceOption);
@@ -423,6 +432,13 @@ DWORD APIENTRY NPLogonNotify(
                                                 &reason);
                        DebugEvent("AFS AfsLogon - (INTEGRATED only)ka_UserAuthenticateGeneral2","Code[%x]",
                         code);
+            if ( code && code != KTC_NOCM && code != KTC_NOCMRPC && uppercased_name ) {
+                for ( ctemp = uname; *ctemp ; ctemp++) {
+                    *ctemp = tolower(*ctemp);
+                }
+                uppercased_name = FALSE;
+                continue;
+            }
                } 
         /* if Integrated Logon and High Security pass random generated name*/
         else if (ISLOGONINTEGRATED(LogonOption) && ISHIGHSECURITY(LogonOption))
@@ -432,6 +448,14 @@ DWORD APIENTRY NPLogonNotify(
                                                 &reason);
                        DebugEvent("AFS AfsLogon - (Both)ka_UserAuthenticateGeneral2","Code[%x] RandomName[%s]",
                        code, RandomName);
+
+            if ( code && code != KTC_NOCM && code != KTC_NOCMRPC && uppercased_name ) {
+                for ( ctemp = uname; *ctemp ; ctemp++) {
+                    *ctemp = tolower(*ctemp);
+                }
+                uppercased_name = FALSE;
+                continue;
+            }
                } else {  
             /*JUST check to see if its running*/
                    if (IsServiceRunning())
index 7d37b1d..4daad5b 100644 (file)
@@ -44,6 +44,7 @@ static struct ubik_client *uclient;
 #endif /* not WIN32 */
 
 static MemDumpCmd(struct cmd_syndesc *asp);
+static CSCPolicyCmd(struct cmd_syndesc *asp);
 
 extern afs_int32 VL_GetEntryByNameO();
 
@@ -3013,6 +3014,13 @@ char **argv; {
     cmd_AddParm(ts, "-begin", CMD_FLAG, CMD_OPTIONAL, "set a memory checkpoint");
     cmd_AddParm(ts, "-end", CMD_FLAG, CMD_OPTIONAL, "dump memory allocs");
     
+    ts = cmd_CreateSyntax("cscpolicy", CSCPolicyCmd, 0, "change client side caching policy for AFS shares");
+    cmd_AddParm(ts, "-share", CMD_SINGLE, CMD_OPTIONAL, "AFS share");
+    cmd_AddParm(ts, "-manual", CMD_FLAG, CMD_OPTIONAL, "manual caching of documents");
+    cmd_AddParm(ts, "-programs", CMD_FLAG, CMD_OPTIONAL, "automatic caching of programs and documents");
+    cmd_AddParm(ts, "-documents", CMD_FLAG, CMD_OPTIONAL, "automatic caching of documents");
+    cmd_AddParm(ts, "-disable", CMD_FLAG, CMD_OPTIONAL, "disable caching");
+
     code = cmd_Dispatch(argc, argv);
 
 #ifndef WIN32
@@ -3106,3 +3114,58 @@ static MemDumpCmd(struct cmd_syndesc *asp)
     return 0;
 }
 
+static CSCPolicyCmd(struct cmd_syndesc *asp)
+{
+       struct cmd_item *ti;
+       char *share = NULL;
+       char sbmtpath[256];
+       char *policy;
+       
+       for(ti=asp->parms[0].items; ti;ti=ti->next) {
+               share = ti->data;
+               if (share)
+               {
+                       break;
+               }
+       }
+       
+       if (share)
+       {
+               policy = "manual";
+               
+               if (asp->parms[1].items)
+                       policy = "manual";
+               if (asp->parms[2].items)
+                       policy = "programs";
+               if (asp->parms[3].items)
+                       policy = "documents";
+               if (asp->parms[4].items)
+                       policy = "disable";
+               
+               strcpy(sbmtpath, "afsdsbmt.ini");
+               WritePrivateProfileString("CSC Policy", share, policy, sbmtpath);
+               
+               printf("CSC policy on share \"%s\" changed to \"%s\".\n\n", share, policy);
+               printf("Close all applications that accessed files on this share or restart AFS Client for the change to take effect.\n"); 
+       }
+       else
+       {
+               char policies[1024];
+               DWORD len = sizeof(policies);
+
+               /* list current csc policies */
+               strcpy(sbmtpath, "afsdsbmt.ini");
+                               
+               GetPrivateProfileSection("CSC Policy", policies, len, sbmtpath);
+               
+               printf("Current CSC policies:\n");
+               policy = policies;
+               while (policy[0])
+               {
+                       printf("  %s\n", policy);
+                       policy += strlen(policy) + 1;
+               }
+       }
+
+       return (0);
+}
index 21122e4..6abced0 100644 (file)
@@ -1306,6 +1306,48 @@ int smb_FindShare(smb_vc_t *vcp, smb_packet_t *inp, char *shareName,
     return 0;
 }
 
+/* Client-side offline caching policy types */
+#define CSC_POLICY_MANUAL 0
+#define CSC_POLICY_DOCUMENTS 1
+#define CSC_POLICY_PROGRAMS 2
+#define CSC_POLICY_DISABLE 3
+
+int smb_FindShareCSCPolicy(char *shareName)
+{
+       DWORD len;
+       char policy[1024];
+       char sbmtpath[256];
+
+#ifndef DJGPP
+        strcpy(sbmtpath, "afsdsbmt.ini");
+#else /* DJGPP */
+        strcpy(sbmtpath, cm_confDir);
+        strcat(sbmtpath, "/afsdsbmt.ini");
+#endif /* !DJGPP */
+       len = GetPrivateProfileString("CSC Policy", shareName, "",
+                                     policy, sizeof(policy), sbmtpath);
+       if (len == 0 || len == sizeof(policy) - 1) {
+               return CSC_POLICY_MANUAL;
+       }
+       
+       if (stricmp(policy, "documents") == 0)
+       {
+               return CSC_POLICY_DOCUMENTS;
+       }
+       
+       if (stricmp(policy, "programs") == 0)
+       {
+               return CSC_POLICY_PROGRAMS;
+       }
+       
+       if (stricmp(policy, "disable") == 0)
+       {
+               return CSC_POLICY_DISABLE;
+       }
+       
+       return CSC_POLICY_MANUAL;
+}
+
 /* find a dir search structure by cookie value, and return it held.
  * Must be called with smb_globalLock held.
  */
index e0663b7..caa7c13 100644 (file)
@@ -381,6 +381,8 @@ extern void smb_ReleaseFID(smb_fid_t *fidp);
 
 extern int smb_FindShare(smb_vc_t *vcp, smb_packet_t *inp, char *shareName, char **pathNamep);
 
+extern int smb_FindShareCSCPolicy(char *shareName);
+
 extern smb_dirSearch_t *smb_FindDirSearchNL(long cookie);
 
 extern void smb_DeleteDirSearch(smb_dirSearch_t *dsp);
index b07a107..44acc8d 100644 (file)
@@ -232,6 +232,8 @@ long smb_ReceiveV3UserLogoffX(smb_vc_t *vcp, smb_packet_t *inp, smb_packet_t *ou
     return 0;
 }
 
+#define SMB_SUPPORT_SEARCH_BITS        0x0001
+
 long smb_ReceiveV3TreeConnectX(smb_vc_t *vcp, smb_packet_t *inp, smb_packet_t *outp)
 {
     smb_tid_t *tidp;
@@ -281,7 +283,10 @@ long smb_ReceiveV3TreeConnectX(smb_vc_t *vcp, smb_packet_t *inp, smb_packet_t *o
     smb_ReleaseTID(tidp);
 
        if (vcp->flags & SMB_VCFLAG_USENT)
-               smb_SetSMBParm(outp, 2, 0);     /* OptionalSupport bits */
+    {
+        int policy = smb_FindShareCSCPolicy(shareName);
+        smb_SetSMBParm(outp, 2, SMB_SUPPORT_SEARCH_BITS | (policy << 2));
+    }
 
        ((smb_t *)outp)->tid = newTid;
        ((smb_t *)inp)->tid = newTid;