From 1e2c37e0700e42634e9e5d735ece4116123e452f Mon Sep 17 00:00:00 2001
From: Jeffrey Altman <jaltman@secure-endpoints.com>
Date: Fri, 1 Jul 2005 20:34:14 +0000
Subject: [PATCH] STABLE14-windows-aklog-naming-20050624

Correct for the behavior of pr_SNameToId() lowercasing the username


(cherry picked from commit a61ff319b7a9cec29b02579c20a338c46a8d2c55)
---
 src/WINNT/afsd/afskfw.c | 39 ++++++++-------------------------------
 src/WINNT/aklog/aklog.c | 38 ++++++++------------------------------
 2 files changed, 16 insertions(+), 61 deletions(-)

diff --git a/src/WINNT/afsd/afskfw.c b/src/WINNT/afsd/afskfw.c
index d86ad7a9f..7c376ce98 100644
--- a/src/WINNT/afsd/afskfw.c
+++ b/src/WINNT/afsd/afskfw.c
@@ -2542,30 +2542,14 @@ ViceIDToUsername(char *username,
         confname[sizeof(confname) - 2] = '\0';
     }
 
-    /*
-     * Talk about DUMB!  It turns out that there is a bug in
-     * pr_Initialize -- even if you give a different cell name
-     * to it, it still uses a connection to a previous AFS server
-     * if one exists.  The way to fix this is to change the
-     * _filename_ argument to pr_Initialize - that forces it to
-     * re-initialize the connection.  We do this by adding and
-     * removing a "/" on the end of the configuration directory name.
-     */
-
-    if (lastcell[0] != '\0' && (strcmp(lastcell, aserver->cell) != 0)) {
-        int i = strlen(confname);
-        if (confname[i - 1] == '/') {
-            confname[i - 1] = '\0';
-        } else {
-            confname[i] = '/';
-            confname[i + 1] = '\0';
-        }
-    }
-
     strcpy(lastcell, aserver->cell);
 
-    if (!pr_Initialize (0, confname, aserver->cell))
-        status = pr_SNameToId (username, &viceId);
+    if (!pr_Initialize (0, confname, aserver->cell)) {
+        char sname[PR_MAXNAMELEN];
+        strncpy(sname, username, PR_MAXNAMELEN);
+        sname[PR_MAXNAMELEN-1] = '\0';    
+        status = pr_SNameToId (sname, &viceId);
+    }
 
     /*
      * This is a crock, but it is Transarc's crock, so
@@ -2602,14 +2586,6 @@ ViceIDToUsername(char *username,
             strncpy(aclient->cell, realm_of_user, MAXKTCREALMLEN - 1);
             if (status = ktc_SetToken(aserver, atoken, aclient, 0))
                 return status;
-
-            /*                                    
-             * In case you're wondering, we don't need to change the
-             * filename here because we're still connecting to the
-             * same cell -- we're just using a different authentication
-             * level
-             */
-
             if (status = pr_Initialize(1L, confname, aserver->cell))
                 return status;
             if (status = pr_CreateUser(username, &id))
@@ -2976,7 +2952,8 @@ KFW_AFS_klog(
         strcpy(aclient.cell, realm_of_cell);
 
         len = min(k5creds->client->realm.length,strlen(realm_of_cell));
-        if ( strncmp(realm_of_cell, k5creds->client->realm.data, len) ) {
+        /* For Khimaira, always append the realm name */
+        if ( 1 /* strncmp(realm_of_cell, k5creds->client->realm.data, len) */ ) {
             char * p;
             strcat(aclient.name, "@");
             p = aclient.name + strlen(aclient.name);
diff --git a/src/WINNT/aklog/aklog.c b/src/WINNT/aklog/aklog.c
index 8af991deb..9b37eb882 100644
--- a/src/WINNT/aklog/aklog.c
+++ b/src/WINNT/aklog/aklog.c
@@ -196,30 +196,14 @@ void ViceIDToUsername(char *username, char *realm_of_user, char *realm_of_cell,
     if (dflag)
         printf("About to resolve name %s to id\n", username);
 
-    /*
-    * Talk about DUMB!  It turns out that there is a bug in
-    * pr_Initialize -- even if you give a different cell name
-    * to it, it still uses a connection to a previous AFS server
-    * if one exists.  The way to fix this is to change the
-    * _filename_ argument to pr_Initialize - that forces it to
-    * re-initialize the connection.  We do this by adding and
-    * removing a "/" on the end of the configuration directory name.
-    */
-
-    if (lastcell[0] != '\0' && (strcmp(lastcell, aserver->cell) != 0)) {
-        int i = strlen(confname);
-        if (confname[i - 1] == '/') {
-            confname[i - 1] = '\0';
-        } else {
-            confname[i] = '/';
-            confname[i + 1] = '\0';
-        }
-    }
-
     strcpy(lastcell, aserver->cell);
 
-    if (!pr_Initialize (0, confname, aserver->cell))
-        *status = pr_SNameToId (username, &viceId);
+	if (!pr_Initialize (0, confname, aserver->cell)) {
+		char sname[PR_MAXNAMELEN];
+		strncpy(sname, username, PR_MAXNAMELEN);
+		sname[PR_MAXNAMELEN-1] = '\0';
+        *status = pr_SNameToId (sname, &viceId);
+	}
 
     if (dflag)
     {
@@ -273,13 +257,6 @@ void ViceIDToUsername(char *username, char *realm_of_user, char *realm_of_cell,
                 return ;
             }
 
-            /*
-             * In case you're wondering, we don't need to change the
-             * filename here because we're still connecting to the
-             * same cell -- we're just using a different authentication
-             * level
-             */
-
             if ((*status = pr_Initialize(1L, confname, aserver->cell))) {
                 printf("Error %d\n", status);
                 return;
@@ -761,7 +738,8 @@ static int auth_to_cell(krb5_context context, char *cell, char *realm)
             }
         }
 
-        if (strcmp(realm_of_user, realm_of_cell))
+        /* For Khimaira we want to always append the realm to the name */
+        if (1 /* strcmp(realm_of_user, realm_of_cell) */)
         {
             strcat(username, "@");
             strcat(username, realm_of_user);
-- 
2.39.5