#include <afs/stds.h>
#include <roken.h>
+#include <afs/opr.h>
#ifdef HAVE_SYS_RESOURCE_H
# include <sys/resource.h>
#include <rx/xdr.h>
#include <rx/rx.h>
#include <rx/rxkad.h>
+#include <rx/rxkad_convert.h>
#include <afs/cellconfig.h>
#include <afs/auth.h>
#include <afs/com_err.h>
return code;
}
code = ubik_EndTrans(tt);
- KALOG(aname, ainstance, NULL, NULL, NULL, call->conn->peer->host,
- LOG_CRUSER);
+ KALOG(aname, ainstance, NULL, NULL, NULL,
+ rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_CRUSER);
return code;
}
goto abort;
code = ubik_EndTrans(tt);
- KALOG(aname, ainstance, NULL, NULL, NULL, call->conn->peer->host,
- LOG_CHPASSWD);
+ KALOG(aname, ainstance, NULL, NULL, NULL,
+ rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_CHPASSWD);
return code;
abort:
DES_pcbc_encrypt(oanswer->SeqBody, oanswer->SeqBody, oanswer->SeqLen,
&user_schedule, ktc_to_cblockptr(&tentry.key), ENCRYPT);
code = ubik_EndTrans(tt);
- KALOG(aname, ainstance, sname, sinst, NULL, call->conn->peer->host,
- LOG_AUTHENTICATE);
+ KALOG(aname, ainstance, sname, sinst, NULL,
+ rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_AUTHENTICATE);
return code;
abort:
COUNT_ABO;
ubik_AbortTrans(tt);
- KALOG(aname, ainstance, sname, sinst, NULL, call->conn->peer->host,
- LOG_AUTHFAILED);
+ KALOG(aname, ainstance, sname, sinst, NULL,
+ rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_AUTHFAILED);
return code;
}
goto abort;
code = ubik_EndTrans(tt);
- KALOG(aname, ainstance, NULL, NULL, NULL, call->conn->peer->host,
- LOG_SETFIELDS);
+ KALOG(aname, ainstance, NULL, NULL, NULL,
+ rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_SETFIELDS);
return code;
abort:
goto abort;
code = ubik_EndTrans(tt);
- KALOG(aname, ainstance, NULL, NULL, NULL, call->conn->peer->host,
- LOG_DELUSER);
+ KALOG(aname, ainstance, NULL, NULL, NULL,
+ rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_DELUSER);
return code;
}
* only return user's key if security disabled or if admin and
* we have an encrypted connection to the user
*/
- rxkad_GetServerInfo(call->conn, &enc_level, 0, 0, 0, 0, 0);
+ rxkad_GetServerInfo(rx_ConnectionOf(call), &enc_level, 0, 0, 0, 0, 0);
if ((noAuthenticationRequired)
|| (callerIsAdmin && enc_level == rxkad_crypt))
memcpy(&aentry->key, &tentry.key, sizeof(struct ktc_encryptionKey));
else
memset(&aentry->key, 0, sizeof(aentry->key));
+
code = ka_KeyCheckSum((char *)&tentry.key, &aentry->keyCheckSum);
+ if (code)
+ goto abort;
+
if (!tentry.pwsums[0] && npwSums > 1 && !tentry.pwsums[1]) {
aentry->reserved3 = 0x12340000;
} else {
&schedule, ktc_to_cblockptr(&authSessionKey), ENCRYPT);
code = ubik_EndTrans(tt);
KALOG(name, instance, sname, sinstance, (import ? authDomain : NULL),
- call->conn->peer->host, LOG_GETTICKET);
+ rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_GETTICKET);
return code;
abort:
kaux_write(to, 0, 0); /* zero failure counters at this offset */
code = ubik_EndTrans(tt);
- KALOG(aname, ainstance, NULL, NULL, NULL, call->conn->peer->host,
- LOG_UNLOCK);
+ KALOG(aname, ainstance, NULL, NULL, NULL,
+ rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_UNLOCK);
goto exit;
abort: