Windows: If SecurityLevel is configured use it for vos.exe and pts.exe

If the SecurityLevel registry value indicates that crypt should be
the default, then always set -encrypt for vos.exe and pts.exe.

Reviewed-on: http://gerrit.openafs.org/648
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>

diff --git a/src/ptserver/pts.c b/src/ptserver/pts.c
index 2af6532..56cfc74 100644 (file)
--- a/src/ptserver/pts.c
+++ b/src/ptserver/pts.c
@@ -23,6 +23,7 @@
 #ifdef AFS_NT40_ENV
 #include <winsock2.h>
 #include <WINNT/afsevent.h>
+#include <WINNT/afsreg.h>
 #else
 #include <netinet/in.h>
 #endif
@@ -142,6 +143,29 @@ osi_audit(void)
     return 0;
 }
 
+#ifdef AFS_NT40_ENV
+static DWORD
+win32_enableCrypt(void)
+{
+    HKEY parmKey;
+    DWORD dummyLen;
+    DWORD cryptall = 0;
+    DWORD code;
+
+    /* Look up configuration parameters in Registry */
+    code = RegOpenKeyEx(HKEY_LOCAL_MACHINE, AFSREG_CLT_SVC_PARAM_SUBKEY,
+                        0, (IsWow64()?KEY_WOW64_64KEY:0)|KEY_QUERY_VALUE, &parmKey);
+    if (code != ERROR_SUCCESS) {
+        dummyLen = sizeof(cryptall);
+        RegQueryValueEx(parmKey, "SecurityLevel", NULL, NULL,
+                        (BYTE *) &cryptall, &dummyLen);
+    }
+    RegCloseKey (parmKey);
+
+    return cryptall;
+}
+#endif /* AFS_NT40_ENV */
+
 static int
 GetGlobals(struct cmd_syndesc *as, void *arock)
 {
@@ -182,7 +206,11 @@ GetGlobals(struct cmd_syndesc *as, void *arock)
        changed = 1;
        sec = 1;
     }
-    if (as->parms[22].items) { /* -encrypt */
+    if (as->parms[22].items    /* -encrypt */
+#ifdef AFS_NT40_ENV
+        || win32_enableCrypt()
+#endif /* AFS_NT40_ENV */
+        ) {
        changed = 1;
        sec = 3;
     }

diff --git a/src/volser/vos.c b/src/volser/vos.c
index 0428be0..a2274ac 100644 (file)
--- a/src/volser/vos.c
+++ b/src/volser/vos.c
@@ -20,6 +20,7 @@
 #include <fcntl.h>
 #include <io.h>
 #include <winsock2.h>
+#include <WINNT/afsreg.h>
 #else
 #include <sys/time.h>
 #include <sys/file.h>
@@ -5678,6 +5679,29 @@ PrintDiagnostics(char *astring, afs_int32 acode)
 }
 
 
+#ifdef AFS_NT40_ENV
+static DWORD
+win32_enableCrypt(void)
+{
+    HKEY parmKey;
+    DWORD dummyLen;
+    DWORD cryptall = 0;
+    DWORD code;
+
+    /* Look up configuration parameters in Registry */
+    code = RegOpenKeyEx(HKEY_LOCAL_MACHINE, AFSREG_CLT_SVC_PARAM_SUBKEY,
+                        0, (IsWow64()?KEY_WOW64_64KEY:0)|KEY_QUERY_VALUE, &parmKey);
+    if (code != ERROR_SUCCESS) {
+        dummyLen = sizeof(cryptall);
+        RegQueryValueEx(parmKey, "SecurityLevel", NULL, NULL,
+                        (BYTE *) &cryptall, &dummyLen);
+    }
+    RegCloseKey (parmKey);
+
+    return cryptall;
+}
+#endif /* AFS_NT40_ENV */
+
 static int
 MyBeforeProc(struct cmd_syndesc *as, void *arock)
 {
@@ -5695,7 +5719,11 @@ MyBeforeProc(struct cmd_syndesc *as, void *arock)
        tcell = as->parms[12].items->data;
     if (as->parms[14].items)   /* -serverauth specified */
        sauth = 1;
-    if (as->parms[16].items)   /* -crypt specified */
+    if (as->parms[16].items     /* -encrypt specified */
+#ifdef AFS_NT40_ENV
+        || win32_enableCrypt()
+#endif /* AFS_NT40_ENV */
+         )
        vsu_SetCrypt(1);
     if ((code =
         vsu_ClientInit((as->parms[13].items != 0), confdir, tcell, sauth,