From 1c4e7ddb498f86b232f0f1de1f40690e97bf6a65 Mon Sep 17 00:00:00 2001
From: Jeffrey Altman <jaltman@your-file-system.com>
Date: Thu, 28 Feb 2013 17:11:57 -0500
Subject: [PATCH] Windows: afslogon !KA_USERAUTH_AUTHENT_LOGON

Patchset 305133cde60fec7fb1050caf60a4319cdcf88a27 halted the practice
of calling ka_UserAuthenticateGeneral2() with the alternate smbName.
It should have halted the practice of passing flag
KA_USERAUTH_AUTHENT_LOGON which indicates that the smbName parameter
has been provided.   Passing KA_USERAUTH_AUTHENT_LOGON without the smbName
field results in a KTC_INVAL error.

This error only impacts sites that still use kaserver or Kerberos v4 for
authentication.

Change-Id: I9eb7adc4fdb7b3ffa0aedca377e2f91bc01b30ea
Reviewed-on: http://gerrit.openafs.org/9318
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
---
 src/WINNT/afsd/afslogon.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/WINNT/afsd/afslogon.c b/src/WINNT/afsd/afslogon.c
index 241cbfef7..019166fc8 100644
--- a/src/WINNT/afsd/afslogon.c
+++ b/src/WINNT/afsd/afslogon.c
@@ -1072,8 +1072,8 @@ ObtainTokens( PLUID lpLogonId,
             *p++ = '@';
             StringCchCopy(p, len - tlen -1, pOpt->realm ? pOpt->realm : realm);
             code = KFW_AFS_get_cred(principal, cell, password, 0, NULL, preason);
-            DebugEvent("KFW_AFS_get_cred  uname=[%s] smbname=[%s] cell=[%s] code=[%d]",
-                        principal, pOpt->smbName, cell, code);
+            DebugEvent("KFW_AFS_get_cred  uname=[%s] smbname=[NULL] cell=[%s] code=[%d]",
+                        principal, cell, code);
 
             if (code == 0 && pOpt->theseCells) {
                 p = pOpt->theseCells;
@@ -1082,8 +1082,8 @@ ObtainTokens( PLUID lpLogonId,
                         SetEnvironmentVariable(DO_NOT_REGISTER_VARNAME, "");
                         code2 = KFW_AFS_get_cred(principal, p, password, 0, NULL, preason);
                         SetEnvironmentVariable(DO_NOT_REGISTER_VARNAME, NULL);
-                        DebugEvent("KFW_AFS_get_cred  uname=[%s] smbname=[%s] cell=[%s] code=[%d]",
-                                    principal, pOpt->smbName, p, code2);
+                        DebugEvent("KFW_AFS_get_cred  uname=[%s] smbname=[NULL] cell=[%s] code=[%d]",
+                                    principal, p, code2);
                     }
                     p += strlen(p) + 1;
                 }
@@ -1094,11 +1094,11 @@ ObtainTokens( PLUID lpLogonId,
         SetEnvironmentVariable(DO_NOT_REGISTER_VARNAME, NULL);
 
     } else {
-        code = ka_UserAuthenticateGeneral2(KA_USERAUTH_VERSION+KA_USERAUTH_AUTHENT_LOGON,
+        code = ka_UserAuthenticateGeneral2(KA_USERAUTH_VERSION,
                                             uname, "", cell, password, NULL, 0, &pw_exp, 0,
                                             preason);
-        DebugEvent("AFS AfsLogon - (INTEGRATED only)ka_UserAuthenticateGeneral2 Code[%x] uname[%s] smbname=[%s] Cell[%s] PwExp=[%d] Reason=[%s]",
-                    code, uname, pOpt->smbName, cell, pw_exp, *preason ? *preason : "");
+        DebugEvent("AFS AfsLogon - (INTEGRATED only)ka_UserAuthenticateGeneral2 Code[%d] uname[%s] smbname=[NULL] Cell[%s] PwExp=[%d] Reason=[%s]",
+                    code, uname, cell, pw_exp, *preason ? *preason : "");
     }
 
     RevertSecurityContext(&LogonContext);
-- 
2.39.5