#include "keys.h"
#include "afs/audit.h"
+/* The display names for localauth and noauth identities; they aren't used
+ * inside tickets or anything, but just serve as something to display in logs,
+ * etc. */
+#define AFS_LOCALAUTH_NAME "<LocalAuth>"
+#define AFS_LOCALAUTH_LEN (sizeof(AFS_LOCALAUTH_NAME)-1)
+#define AFS_NOAUTH_NAME "<NoAuth>"
+#define AFS_NOAUTH_LEN (sizeof(AFS_NOAUTH_NAME)-1)
+
static int ParseLine(char *buffer, struct rx_identity *user);
static void
struct rx_identity identity;
afs_int32 code;
+ memset(&identity, 0, sizeof(struct rx_identity));
+
LOCK_GLOBAL_MUTEX;
UserListFileName(adir, tbuffer, sizeof tbuffer);
#ifndef AFS_NT40_ENV
testId = rx_identity_new(RX_ID_KRB4, fullname, fullname, strlen(fullname));
if (afsconf_IsSuperIdentity(adir, testId)) {
- if (*identity)
+ if (identity)
*identity = testId;
else
rx_identity_free(&testId);
{
char tcell_l[MAXKTCREALMLEN] = "";
char *tmp;
-
- /* keep track of which one actually authorized request */
- char uname[MAXKTCNAMELEN + MAXKTCNAMELEN + MAXKTCREALMLEN + 3];
-
static char lcell[MAXCELLCHARS] = "";
static char lrealms[AFS_NUM_LREALMS][AFS_REALM_SZ];
static int num_lrealms = -1;
/* If yes, then make sure that the name is not present in
* an exclusion list */
if (lrealm_match) {
+ char uname[MAXKTCNAMELEN + MAXKTCNAMELEN + MAXKTCREALMLEN + 3];
if (tinst && tinst[0])
snprintf(uname,sizeof(uname),"%s.%s@%s",tname,tinst,tcell);
else
lrealm_match = 0;
}
- /* start with no uname and no authorization */
- strcpy(uname, "");
+ /* start with no authorization */
flag = 0;
/* localauth special case */
if ((tinst == NULL || strlen(tinst) == 0) &&
(tcell == NULL || strlen(tcell) == 0)
&& !strcmp(tname, AUTH_SUPERUSER)) {
- strcpy(uname, "<LocalAuth>");
+ if (identity)
+ *identity = rx_identity_new(RX_ID_KRB4, AFS_LOCALAUTH_NAME,
+ AFS_LOCALAUTH_NAME, AFS_LOCALAUTH_LEN);
flag = 1;
/* cell of connection matches local cell or one of the realms */
if (afsconf_GetNoAuthFlag(adir)) {
if (identity)
- *identity = rx_identity_new(RX_ID_KRB4, "<NoAuth>", "<NoAuth>", 8);
+ *identity = rx_identity_new(RX_ID_KRB4, AFS_NOAUTH_NAME,
+ AFS_NOAUTH_NAME, AFS_NOAUTH_LEN);
UNLOCK_GLOBAL_MUTEX;
return 1;
}
char *namep)
{
struct rx_identity *identity;
- int code;
+ int ret;
- code = afsconf_SuperIdentity(adir, acall, &identity);
if (namep) {
- if (identity->kind == RX_ID_KRB4) {
- strlcpy(namep, identity->displayName, MAXKTCNAMELEN-1);
- } else {
- snprintf(namep, MAXKTCNAMELEN-1, "eName: %s",
- identity->displayName);
+ ret = afsconf_SuperIdentity(adir, acall, &identity);
+ if (ret) {
+ if (identity->kind == RX_ID_KRB4) {
+ strlcpy(namep, identity->displayName, MAXKTCNAMELEN-1);
+ } else {
+ snprintf(namep, MAXKTCNAMELEN-1, "eName: %s",
+ identity->displayName);
+ }
+ rx_identity_free(&identity);
}
+ } else {
+ ret = afsconf_SuperIdentity(adir, acall, NULL);
}
- rx_identity_free(&identity);
- return code;
+ return ret;
}