From 348e26e10deaee7306a739c4f25ae8c0bf8bf5c4 Mon Sep 17 00:00:00 2001
From: "Dr. Dieter Mack" <mack@uni-hohenheim.de>
Date: Mon, 15 Mar 2004 18:51:03 +0000
Subject: [PATCH] uss-kauth-support-lockout-20040315

FIXES 3637

minor reformat by shadow@dementia.org
make uss kauth support account locking correctly.
---
 src/uss/uss.c       |  2 +-
 src/uss/uss_kauth.c | 31 ++++++++++++++++++++-----------
 2 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/src/uss/uss.c b/src/uss/uss.c
index dac4235d2..0c6f2d682 100644
--- a/src/uss/uss.c
+++ b/src/uss/uss.c
@@ -1416,7 +1416,7 @@ HandleBulk(a_as, a_rock)
 	 */
 	uss_common_Reset();
 
-	sprintf(tbuf, "%s", buf);
+	strncpy(tbuf, buf, USS_BULK_BUF_CHARS-1);
 
 	/*
 	 * First line of file = line 1.
diff --git a/src/uss/uss_kauth.c b/src/uss/uss_kauth.c
index 5b22df83d..56886d87d 100644
--- a/src/uss/uss_kauth.c
+++ b/src/uss/uss_kauth.c
@@ -607,7 +607,7 @@ uss_kauth_SetFields(username, expirestring, reuse, failures, lockout)
     afs_int32 was_spare = 0;
     char instance = '\0';
     int pwexpiry;
-    int nfailures, locktime;
+    int nfailures, locktime, hrs, mins;
 
     if (strlen(username) > uss_UserLen) {
 	fprintf(stderr,
@@ -631,18 +631,16 @@ uss_kauth_SetFields(username, expirestring, reuse, failures, lockout)
 	fprintf(stderr,
 		"Continuing with default lifetime == 0 for user %s.\n",
 		username);
-    } else {
-	misc_auth_bytes[0] = pwexpiry + 1;
+	pwexpiry = 0;
     }
+    misc_auth_bytes[0] = pwexpiry + 1;
 
-    if (!strcmp(reuse, "reuse")) {
-	misc_auth_bytes[1] = KA_REUSEPW;
-    } else if (!strcmp(reuse, "noreuse")) {
+    if (!strcmp(reuse, "noreuse")) {
 	misc_auth_bytes[1] = KA_NOREUSEPW;
     } else {
 	misc_auth_bytes[1] = KA_REUSEPW;
-	fprintf(stderr,
-		"must specify \"reuse\" or \"noreuse\": \"reuse\" assumed\n");
+	if (strcmp(reuse, "reuse"))
+	  fprintf(stderr, "must specify \"reuse\" or \"noreuse\": \"reuse\" assumed\n");
     }
 
     nfailures = atoi(failures);
@@ -655,14 +653,25 @@ uss_kauth_SetFields(username, expirestring, reuse, failures, lockout)
     } else
 	misc_auth_bytes[2] = nfailures + 1;
 
-    locktime = ktime_Str2int32(lockout);
-    if (locktime < 0 || locktime > 36 * 60) {
+    hrs = 0;
+    if (strchr(lockout, ':'))
+	sscanf(lockout, "%d:%d", &hrs, &mins);
+    else
+	sscanf(lockout, "%d", &mins);
+
+    locktime = hrs*60 + mins;
+    if (hrs < 0 || hrs > 36 || mins < 0) {
+	fprintf(stderr,"Lockout times must be either minutes or hh:mm.\n");
+	fprintf(stderr,"Lockout times must be less than 36 hours.\n");
+	return KABADCMD;
+    } else if (locktime > 36*60) {
 	fprintf(stderr, "Lockout times must be either minutes or hh:mm.\n");
 	fprintf(stderr, "Lockout times must be less than 36 hours.\n");
 	fprintf(stderr, "Continuing with lock time == forever for user %s.\n",
 		username);
+	misc_auth_bytes[3] = 1;
     } else {
-	locktime = (locktime * 60) >> 9;
+	locktime = (locktime * 60 + 511) >> 9;  /* ceil(l*60/512) */
 	misc_auth_bytes[3] = locktime + 1;
     }
 
-- 
2.39.5