+Since 1.3.87:
+ * afscreds.exe would display an Obtain Creds dialog when
+ the expired credentials reminder was triggered even
+ if there was no network path to the KDC. This is prevented
+ by adding KDC probe logic to the reminder thread.
+
+ * afscreds.exe would display expired tokens no differently
+ than unexpired ones. This would make it difficult for the
+ user to distiguish when the tokens were expired. For the
+ English build added a new resource string "(expired) that
+ is displayed instead of the expiration time.
+
Since 1.3.86:
* "fs wscell" when executed in freelance mode will return the
name of the cell configured in the registry. The root.afs
SYSTEMTIME stGMT;
FileTimeToSystemTime (&ftGMT, &stGMT);
- LPTSTR pszCreds = FormatString (IDS_CREDS, TEXT("%s%t"), g.aCreds[ iCreds ].szUser, &stGMT);
+ SYSTEMTIME stNow;
+ GetLocalTime (&stNow);
+
+ FILETIME ftNow;
+ SystemTimeToFileTime (&stNow, &ftNow);
+
+ LONGLONG llNow = (((LONGLONG)ftNow.dwHighDateTime) << 32) + (LONGLONG)(ftNow.dwLowDateTime);
+ LONGLONG llExpires = (((LONGLONG)ftLocal.dwHighDateTime) << 32) + (LONGLONG)(ftLocal.dwLowDateTime);
+
+ llNow /= c100ns1SECOND;
+ llExpires /= c100ns1SECOND;
+
+ LPTSTR pszCreds = NULL;
+ if (llExpires <= (llNow + (LONGLONG)cminREMIND_WARN * csec1MINUTE))
+ pszCreds = FormatString (IDS_CREDS_EXPIRED, TEXT("%s"), g.aCreds[ iCreds ].szUser);
+
+ if (!pszCreds || !pszCreds[0])
+ pszCreds = FormatString (IDS_CREDS, TEXT("%s%t"), g.aCreds[ iCreds ].szUser, &stGMT);
SetDlgItemText (hDlg, IDC_CREDS_INFO, pszCreds);
FreeString (pszCreds);
}
oc, 0, &threadID);
if (thread != NULL)
CloseHandle(thread);
- else {
- free(oc->cell);
- free(oc);
- }
+ else {
+ free(oc->cell);
+ free(oc);
+ }
}
}
rootcell = (char *)GlobalAlloc(GPTR,MAXCELLCHARS+1);
- if ( !rootcell ) goto cleanup;
+ if (!rootcell)
+ goto cleanup;
code = KFW_AFS_get_cellconfig(cell, (void*)&cellconfig, rootcell);
- if ( code ) goto cleanup;
+ if (code)
+ goto cleanup;
memset(&aserver, '\0', sizeof(aserver));
strcpy(aserver.name, "afs");
#ifdef USE_FSPROBE
serverReachable = cellPing(NULL);
#else
- if ( use_kfw ) {
+ if (use_kfw) {
// If we can't use the FSProbe interface we can attempt to forge
// a kinit and if we can back an invalid user error we know the
// kdc is at least reachable
IDS_BADSUB_TITLE_95 "Error - AFS Light"
IDS_BADSUB_DESC "The drive letter description you entered cannot be used.\n\nA drive letter description may have no more than 12 characters, and may not contain spaces or tabs."
IDS_TITLE_95 "AFS Light"
+ IDS_CREDS_EXPIRED "%1 (expired)"
END
#endif // English (U.S.) resources
/////////////////////////////////////////////////////////////////////////////
#define IDS_BADSUB_TITLE_95 48
#define IDS_BADSUB_DESC 49
#define IDS_TITLE_95 50
+#define IDS_CREDS_EXPIRED 51
#define IDI_MAIN 100
#define IDD_MAIN 101
// dialog. Make sure we never display a warning more than once.
//
size_t iExpired;
- if ((iExpired = Main_FindExpiredCreds()) != -1)
- {
- if (InterlockedIncrement (&g.fShowingMessage) != 1)
- InterlockedDecrement (&g.fShowingMessage);
- else
- ShowObtainCreds (TRUE, g.aCreds[ iExpired ].szCell);
- }
+ if ((iExpired = Main_FindExpiredCreds()) != -1) {
+ if (InterlockedIncrement (&g.fShowingMessage) != 1) {
+ InterlockedDecrement (&g.fShowingMessage);
+ } else {
+ char * rootcell = NULL;
+ char password[PROBE_PASSWORD_LEN+1];
+ struct afsconf_cell cellconfig;
+ BOOL serverReachable = FALSE;
+ DWORD code;
+
+ rootcell = (char *)GlobalAlloc(GPTR,MAXCELLCHARS+1);
+ if (!rootcell)
+ goto cleanup;
+
+ code = KFW_AFS_get_cellconfig(g.aCreds[ iExpired ].szCell,
+ (afsconf_cell*)&cellconfig, rootcell);
+ if (code)
+ goto cleanup;
+
+ if (KFW_is_available()) {
+ // If we can't use the FSProbe interface we can attempt to forge
+ // a kinit and if we can back an invalid user error we know the
+ // kdc is at least reachable
+ serverReachable = KFW_probe_kdc(&cellconfig);
+ } else {
+ int i;
+
+ for ( i=0 ; i<PROBE_PASSWORD_LEN ; i++ )
+ password[i] = 'x';
+
+ code = ObtainNewCredentials(rootcell, PROBE_USERNAME, password, TRUE);
+ switch ( code ) {
+ case INTK_BADPW:
+ case KERB_ERR_PRINCIPAL_UNKNOWN:
+ case KERB_ERR_SERVICE_EXP:
+ case RD_AP_TIME:
+ serverReachable = TRUE;
+ break;
+ default:
+ serverReachable = FALSE;
+ }
+ }
+ cleanup:
+ if (rootcell)
+ GlobalFree(rootcell);
+
+ if (serverReachable)
+ ShowObtainCreds (TRUE, g.aCreds[ iExpired ].szCell);
+ else
+ InterlockedDecrement (&g.fShowingMessage);
+ }
+ }
}
git://git.openafs.org / openafs.git / commitdiff