authcon: Use ktc_GetTokenEx in ClientAuthToken

Use ktc_GetTokenEx, and the related token utilities to check for a
users tokens, rather than using the legacy ktc_GetToken

Export the necessary symbols from libafsauthent on Windows to be able
to do this.

Change-Id: I475587d88d9a480c66b4e8484cc595ea984340a3
Reviewed-on: http://gerrit.openafs.org/2747
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>

diff --git a/src/auth/authcon.c b/src/auth/authcon.c
index 55f0d6a6fc5ce8ec5b27b5861e451638e4517b71..574c4d0be602ff88a00c352d59a30b958134832d 100644 (file)
--- a/src/auth/authcon.c
+++ b/src/auth/authcon.c
@@ -29,6 +29,7 @@
 #include <rx/rx.h>
 #include "cellconfig.h"
 #include "keys.h"
+#include "ktc.h"
 #include "auth.h"
 
 /* return a null security object if nothing else can be done */
@@ -181,7 +182,7 @@ afsconf_ClientAuthToken(struct afsconf_cell *info,
                        afs_int32 *scIndex,
                        time_t *expires)
 {
-    struct ktc_principal sname;
+    struct ktc_setTokenData *tokenSet = NULL;
     struct ktc_token ttoken;
     int encryptLevel;
     afs_int32 code;
@@ -189,11 +190,11 @@ afsconf_ClientAuthToken(struct afsconf_cell *info,
     *sc = NULL;
     *scIndex = RX_SECIDX_NULL;
 
-    strcpy(sname.cell, info->name);
-    sname.instance[0] = 0;
-    strcpy(sname.name, "afs");
-    code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL);
+    code = ktc_GetTokenEx(info->name, &tokenSet);
+    if (code)
+       goto out;
 
+    code = token_extractRxkad(tokenSet, &ttoken, NULL, NULL);
     if (code == 0) {
        /* XXX - We should think about how to handle this */
        if (ttoken.kvno < 0 || ttoken.kvno > 256) {
@@ -214,6 +215,10 @@ afsconf_ClientAuthToken(struct afsconf_cell *info,
        if (expires)
            *expires = ttoken.endTime;
     }
+
+out:
+    token_FreeSet(&tokenSet);
+
     if (*sc == NULL)
        return AFSCONF_NO_SECURITY_CLASS;