From: Jeffrey Altman <jaltman@your-file-system.com>
Date: Mon, 9 May 2011 14:45:33 +0000 (-0400)
Subject: Windows: support dotted names in aklog
X-Git-Tag: upstream/1.8.0_pre1^2~3761
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=f0fe7537e7ea1dadfed7b96c90361497e624cd8c;p=packages%2Fo%2Fopenafs.git

Windows: support dotted names in aklog

Do not reject dotted principal names if the registry
configuration states that they should be accepted.

Change-Id: I675bec085f61ae2f5dc1cfd93a811655f87e0577
Reviewed-on: http://gerrit.openafs.org/4632
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
---

diff --git a/src/WINNT/aklog/aklog.c b/src/WINNT/aklog/aklog.c
index 28f1b710d..8b778ee4c 100644
--- a/src/WINNT/aklog/aklog.c
+++ b/src/WINNT/aklog/aklog.c
@@ -81,6 +81,7 @@
 #include <afs\cellconfig.h>
 #include <afs\pioctl_nt.h>
 #include <afs\smb_iocons.h>
+#include <WINNT\afsreg.h>
 
 #define DONT_HAVE_GET_AD_TKT
 #define MAXSYMLINKS 255
@@ -672,6 +673,65 @@ copy_realm_of_ticket(krb5_context context, char * dest, size_t destlen, krb5_cre
     }
 }
 
+typedef BOOL (WINAPI *LPFN_ISWOW64PROCESS) (HANDLE, PBOOL);
+static
+int is_wow64()
+{
+    static int init = TRUE;
+    static int bIsWow64 = FALSE;
+
+    if (init) {
+        HMODULE hModule;
+        LPFN_ISWOW64PROCESS fnIsWow64Process = NULL;
+
+        hModule = GetModuleHandle(TEXT("kernel32"));
+        if (hModule) {
+            fnIsWow64Process = (LPFN_ISWOW64PROCESS)GetProcAddress(hModule, "IsWow64Process");
+
+            if (NULL != fnIsWow64Process)
+            {
+                if (!fnIsWow64Process(GetCurrentProcess(),&bIsWow64))
+                {
+                    // on error, assume FALSE.
+                    // in other words, do nothing.
+                }
+            }
+            FreeLibrary(hModule);
+        }
+        init = FALSE;
+    }
+    return bIsWow64;
+}
+
+static int
+accept_dotted_usernames(void)
+{
+    HKEY parmKey;
+    DWORD code, len;
+    DWORD value = 1;
+
+    code = RegOpenKeyEx(HKEY_CURRENT_USER, AFSREG_USER_OPENAFS_SUBKEY,
+                         0, (is_wow64()?KEY_WOW64_64KEY:0)|KEY_QUERY_VALUE, &parmKey);
+    if (code == ERROR_SUCCESS) {
+        len = sizeof(value);
+        code = RegQueryValueEx(parmKey, "AcceptDottedPrincipalNames", NULL, NULL,
+                                (BYTE *) &value, &len);
+        RegCloseKey(parmKey);
+    }
+    if (code != ERROR_SUCCESS) {
+        code = RegOpenKeyEx(HKEY_LOCAL_MACHINE, AFSREG_CLT_OPENAFS_SUBKEY,
+                             0, (is_wow64()?KEY_WOW64_64KEY:0)|KEY_QUERY_VALUE, &parmKey);
+        if (code == ERROR_SUCCESS) {
+            len = sizeof(value);
+            code = RegQueryValueEx(parmKey, "AcceptDottedPrincipalNames", NULL, NULL,
+                                    (BYTE *) &value, &len);
+            RegCloseKey (parmKey);
+        }
+    }
+    return value;
+}
+
+
 /*
 * Log to a cell.  If the cell has already been logged to, return without
 * doing anything.  Otherwise, log to it and mark that it has been logged
@@ -772,7 +832,7 @@ static int auth_to_cell(krb5_context context, char *cell, char *realm)
             goto done;
         }
 
-        if ( strchr(name,'.') != NULL ) {
+        if ( strchr(name,'.') != NULL && !accept_dotted_usernames()) {
             fprintf(stderr, "%s: Can't support principal names including a dot.\n",
                     progname);
             status = AKLOG_MISC;