From: Jeffrey Altman Date: Sun, 14 Aug 2005 12:25:06 +0000 (+0000) Subject: windows-afscreds-20050814 X-Git-Tag: openafs-devel-1_5_0~386 X-Git-Url: http://git.openafs.org/?p=openafs.git;a=commitdiff_plain;h=7c34c9b5c0fbdf0b9b9429c2e763c635857974ab windows-afscreds-20050814 When tokens expire, do not display an obtain tokens dialog if there is no network connectivity to the kdc for the realm associated with the cell. In the en_US build, stop displaying the expiration time of tokens after the tokens expire. --- diff --git a/doc/txt/winnotes/afs-changes-since-1.2.txt b/doc/txt/winnotes/afs-changes-since-1.2.txt index 90a4379..3df4bd7 100644 --- a/doc/txt/winnotes/afs-changes-since-1.2.txt +++ b/doc/txt/winnotes/afs-changes-since-1.2.txt @@ -1,3 +1,15 @@ +Since 1.3.87: + * afscreds.exe would display an Obtain Creds dialog when + the expired credentials reminder was triggered even + if there was no network path to the KDC. This is prevented + by adding KDC probe logic to the reminder thread. + + * afscreds.exe would display expired tokens no differently + than unexpired ones. This would make it difficult for the + user to distiguish when the tokens were expired. For the + English build added a new resource string "(expired) that + is displayed instead of the expiration time. + Since 1.3.86: * "fs wscell" when executed in freelance mode will return the name of the cell configured in the registry. The root.afs diff --git a/src/WINNT/client_creds/credstab.cpp b/src/WINNT/client_creds/credstab.cpp index c80ffe3..24f044f 100644 --- a/src/WINNT/client_creds/credstab.cpp +++ b/src/WINNT/client_creds/credstab.cpp @@ -162,7 +162,24 @@ void Creds_OnUpdate (HWND hDlg) SYSTEMTIME stGMT; FileTimeToSystemTime (&ftGMT, &stGMT); - LPTSTR pszCreds = FormatString (IDS_CREDS, TEXT("%s%t"), g.aCreds[ iCreds ].szUser, &stGMT); + SYSTEMTIME stNow; + GetLocalTime (&stNow); + + FILETIME ftNow; + SystemTimeToFileTime (&stNow, &ftNow); + + LONGLONG llNow = (((LONGLONG)ftNow.dwHighDateTime) << 32) + (LONGLONG)(ftNow.dwLowDateTime); + LONGLONG llExpires = (((LONGLONG)ftLocal.dwHighDateTime) << 32) + (LONGLONG)(ftLocal.dwLowDateTime); + + llNow /= c100ns1SECOND; + llExpires /= c100ns1SECOND; + + LPTSTR pszCreds = NULL; + if (llExpires <= (llNow + (LONGLONG)cminREMIND_WARN * csec1MINUTE)) + pszCreds = FormatString (IDS_CREDS_EXPIRED, TEXT("%s"), g.aCreds[ iCreds ].szUser); + + if (!pszCreds || !pszCreds[0]) + pszCreds = FormatString (IDS_CREDS, TEXT("%s%t"), g.aCreds[ iCreds ].szUser, &stGMT); SetDlgItemText (hDlg, IDC_CREDS_INFO, pszCreds); FreeString (pszCreds); } @@ -228,10 +245,10 @@ void ShowObtainCreds (BOOL fExpiring, LPTSTR pszCell) oc, 0, &threadID); if (thread != NULL) CloseHandle(thread); - else { - free(oc->cell); - free(oc); - } + else { + free(oc->cell); + free(oc); + } } diff --git a/src/WINNT/client_creds/ipaddrchg.c b/src/WINNT/client_creds/ipaddrchg.c index 03feba3..dccbd04 100644 --- a/src/WINNT/client_creds/ipaddrchg.c +++ b/src/WINNT/client_creds/ipaddrchg.c @@ -295,10 +295,12 @@ ObtainTokensFromUserIfNeeded(HWND hWnd) } rootcell = (char *)GlobalAlloc(GPTR,MAXCELLCHARS+1); - if ( !rootcell ) goto cleanup; + if (!rootcell) + goto cleanup; code = KFW_AFS_get_cellconfig(cell, (void*)&cellconfig, rootcell); - if ( code ) goto cleanup; + if (code) + goto cleanup; memset(&aserver, '\0', sizeof(aserver)); strcpy(aserver.name, "afs"); @@ -330,7 +332,7 @@ ObtainTokensFromUserIfNeeded(HWND hWnd) #ifdef USE_FSPROBE serverReachable = cellPing(NULL); #else - if ( use_kfw ) { + if (use_kfw) { // If we can't use the FSProbe interface we can attempt to forge // a kinit and if we can back an invalid user error we know the // kdc is at least reachable diff --git a/src/WINNT/client_creds/lang/en_US/afscreds.rc b/src/WINNT/client_creds/lang/en_US/afscreds.rc index 5c62516..8fe8bfc 100644 --- a/src/WINNT/client_creds/lang/en_US/afscreds.rc +++ b/src/WINNT/client_creds/lang/en_US/afscreds.rc @@ -558,6 +558,7 @@ BEGIN IDS_BADSUB_TITLE_95 "Error - AFS Light" IDS_BADSUB_DESC "The drive letter description you entered cannot be used.\n\nA drive letter description may have no more than 12 characters, and may not contain spaces or tabs." IDS_TITLE_95 "AFS Light" + IDS_CREDS_EXPIRED "%1 (expired)" END #endif // English (U.S.) resources ///////////////////////////////////////////////////////////////////////////// diff --git a/src/WINNT/client_creds/resource.h b/src/WINNT/client_creds/resource.h index 3a1aeef..701059f 100644 --- a/src/WINNT/client_creds/resource.h +++ b/src/WINNT/client_creds/resource.h @@ -58,6 +58,7 @@ #define IDS_BADSUB_TITLE_95 48 #define IDS_BADSUB_DESC 49 #define IDS_TITLE_95 50 +#define IDS_CREDS_EXPIRED 51 #define IDI_MAIN 100 #define IDD_MAIN 101 diff --git a/src/WINNT/client_creds/window.cpp b/src/WINNT/client_creds/window.cpp index 79dbfca..f2173d2 100644 --- a/src/WINNT/client_creds/window.cpp +++ b/src/WINNT/client_creds/window.cpp @@ -376,13 +376,58 @@ void Main_OnRemindTimer (void) // dialog. Make sure we never display a warning more than once. // size_t iExpired; - if ((iExpired = Main_FindExpiredCreds()) != -1) - { - if (InterlockedIncrement (&g.fShowingMessage) != 1) - InterlockedDecrement (&g.fShowingMessage); - else - ShowObtainCreds (TRUE, g.aCreds[ iExpired ].szCell); - } + if ((iExpired = Main_FindExpiredCreds()) != -1) { + if (InterlockedIncrement (&g.fShowingMessage) != 1) { + InterlockedDecrement (&g.fShowingMessage); + } else { + char * rootcell = NULL; + char password[PROBE_PASSWORD_LEN+1]; + struct afsconf_cell cellconfig; + BOOL serverReachable = FALSE; + DWORD code; + + rootcell = (char *)GlobalAlloc(GPTR,MAXCELLCHARS+1); + if (!rootcell) + goto cleanup; + + code = KFW_AFS_get_cellconfig(g.aCreds[ iExpired ].szCell, + (afsconf_cell*)&cellconfig, rootcell); + if (code) + goto cleanup; + + if (KFW_is_available()) { + // If we can't use the FSProbe interface we can attempt to forge + // a kinit and if we can back an invalid user error we know the + // kdc is at least reachable + serverReachable = KFW_probe_kdc(&cellconfig); + } else { + int i; + + for ( i=0 ; i