X-Git-Url: https://git.openafs.org/?p=openafs.git;a=blobdiff_plain;f=src%2Frxkad%2Frxkad_client.c;h=2f894253f96bdaa57b9c6c62bbb90242068cbcbb;hp=71866b71e9a86c28a43a69945c7f80fb57440162;hb=39b165cdda941181845022c183fea1c7af7e4356;hpb=0d67b00ff9db48c5555e8ae11daff9a469c770b0 diff --git a/src/rxkad/rxkad_client.c b/src/rxkad/rxkad_client.c index 71866b7..2f89425 100644 --- a/src/rxkad/rxkad_client.c +++ b/src/rxkad/rxkad_client.c @@ -68,82 +68,6 @@ static struct rx_securityOps rxkad_client_ops = { 0, }; -/* To minimize changes to epoch, we set this Cuid once, and everyone (including - * rxnull) uses it after that. This means that the Ksession of the first - * authencticated connection should be a good one. */ - -#ifdef AFS_PTHREAD_ENV -/* - * This mutex protects the following global variables: - * Cuid - * counter - * rxkad_EpochWasSet - */ -pthread_mutex_t rxkad_client_uid_mutex; -#define LOCK_CUID osi_Assert(pthread_mutex_lock(&rxkad_client_uid_mutex)==0) -#define UNLOCK_CUID osi_Assert(pthread_mutex_unlock(&rxkad_client_uid_mutex)==0) -#else -#define LOCK_CUID -#define UNLOCK_CUID -#endif /* AFS_PTHREAD_ENV */ - -static afs_int32 Cuid[2]; /* set once and shared by all */ -int rxkad_EpochWasSet = 0; /* TRUE => we called rx_SetEpoch */ - -/* allocate a new connetion ID in place */ -int -rxkad_AllocCID(struct rx_securityClass *aobj, struct rx_connection *aconn) -{ - struct rxkad_cprivate *tcp; - struct rxkad_cidgen tgen; - static afs_int32 counter = 0; /* not used anymore */ - - LOCK_CUID; - if (Cuid[0] == 0) { - afs_uint32 xor[2]; - tgen.ipAddr = rxi_getaddr(); /* comes back in net order */ - clock_GetTime(&tgen.time); /* changes time1 and time2 */ - tgen.time.sec = htonl(tgen.time.sec); - tgen.time.usec = htonl(tgen.time.usec); - tgen.counter = htonl(counter); - counter++; -#ifdef KERNEL - tgen.random1 = afs_random() & 0x7fffffff; /* was "80000" */ - tgen.random2 = afs_random() & 0x7fffffff; /* was "htonl(100)" */ -#else - tgen.random1 = htonl(getpid()); - tgen.random2 = htonl(100); -#endif - if (aobj) { - /* block is ready for encryption with session key, let's go for it. */ - tcp = (struct rxkad_cprivate *)aobj->privateData; - memcpy((void *)xor, (void *)tcp->ivec, 2 * sizeof(afs_int32)); - fc_cbc_encrypt((char *)&tgen, (char *)&tgen, sizeof(tgen), - tcp->keysched, xor, ENCRYPT); - } else { - /* Create a session key so that we can encrypt it */ - - } - memcpy((void *)Cuid, - ((char *)&tgen) + sizeof(tgen) - ENCRYPTIONBLOCKSIZE, - ENCRYPTIONBLOCKSIZE); - Cuid[0] = (Cuid[0] & ~0x40000000) | 0x80000000; - Cuid[1] &= RX_CIDMASK; - rx_SetEpoch(Cuid[0]); /* for future rxnull connections */ - rxkad_EpochWasSet++; - } - - if (!aconn) { - UNLOCK_CUID; - return 0; - } - rx_SetConnectionEpoch(aconn, Cuid[0]); - rx_SetConnectionId(aconn, Cuid[1]); - Cuid[1] += 1 << RX_CIDSHIFT; - UNLOCK_CUID; - return 0; -} - /* Allocate a new client security object. Called with the encryption level, * the session key and the ticket for the other side obtained from the * AuthServer. Refers to export control to determine level. */ @@ -287,12 +211,3 @@ rxkad_GetResponse(struct rx_securityClass *aobj, struct rx_connection *aconn, rx_SetDataSize(apacket, responseSize + tcp->ticketLen); return 0; } - -void -rxkad_ResetState(void) -{ - LOCK_CUID; - Cuid[0] = 0; - rxkad_EpochWasSet = 0; - UNLOCK_CUID; -}