From 49e37244b2d8260456eafd189ffdc62caf510ac4 Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Mon, 21 Feb 2005 01:16:39 +0000 Subject: [PATCH] STABLE14-windows-misc-20050207 smb3.c: another fix for pattern matching. Patterns can include '<' and '>' instead of '*' and '?'. Treat any pattern with angle bracket as star patterns afslogon.c: instead of retrying the username lowercased if it is all uppercased. retry the username lowercased if it was not already lowercased. this captures the mixedcase username case. afskfw.c: If Leash is configured to not import tickets from the MSLSA, neither should we. cm_vnodeops.c: If the second to last component of a path is a symlink and the last component cannot be found, return NOSUCHPATH instead of FILE_NOT_FOUND. (cherry picked from commit 641c2b17efbffa523818a950761e612e9fc6f5f7) --- src/WINNT/afsd/afskfw.c | 37 ++++++++++++++++++++++++++++++- src/WINNT/afsd/afslogon.c | 42 ++++++++++++++++++++---------------- src/WINNT/afsd/cm_vnodeops.c | 5 ++++- src/WINNT/afsd/smb3.c | 2 +- 4 files changed, 65 insertions(+), 21 deletions(-) diff --git a/src/WINNT/afsd/afskfw.c b/src/WINNT/afsd/afskfw.c index c57dcb70e..69bd6bdcf 100644 --- a/src/WINNT/afsd/afskfw.c +++ b/src/WINNT/afsd/afskfw.c @@ -100,6 +100,7 @@ DECL_FUNC_PTR(Leash_get_default_life_max); DECL_FUNC_PTR(Leash_get_default_renew_min); DECL_FUNC_PTR(Leash_get_default_renew_max); DECL_FUNC_PTR(Leash_get_default_renewable); +DECL_FUNC_PTR(Leash_get_default_mslsa_import); // krb5 functions DECL_FUNC_PTR(krb5_change_password); @@ -154,6 +155,7 @@ DECL_FUNC_PTR(krb5_get_renewed_creds); DECL_FUNC_PTR(krb5_get_default_config_files); DECL_FUNC_PTR(krb5_free_config_files); DECL_FUNC_PTR(krb5_get_default_realm); +DECL_FUNC_PTR(krb5_free_default_realm); DECL_FUNC_PTR(krb5_free_ticket); DECL_FUNC_PTR(krb5_decode_ticket); DECL_FUNC_PTR(krb5_get_host_realm); @@ -357,7 +359,9 @@ static int inited = 0; static int mid_cnt = 0; static struct textField * mid_tb = NULL; static HINSTANCE hKrb5 = 0; +#ifdef USE_KRB4 static HINSTANCE hKrb4 = 0; +#endif /* USE_KRB4 */ static HINSTANCE hKrb524 = 0; #ifdef USE_MS2MIT static HINSTANCE hSecur32 = 0; @@ -427,8 +431,10 @@ KFW_cleanup(void) { if (hKrb5) FreeLibrary(hKrb5); +#ifdef USE_KRB4 if (hKrb4) FreeLibrary(hKrb4); +#endif /* USE_KRB4 */ if (hProfile) FreeLibrary(hProfile); if (hComErr) @@ -901,8 +907,9 @@ KFW_import_windows_lsa(void) char * pname = NULL; krb5_data * princ_realm; krb5_error_code code; - char cell[128]="", realm[128]=""; + char cell[128]="", realm[128]="", *def_realm = 0; int i; + DWORD dwMsLsaImport; if (!pkrb5_init_context) return; @@ -923,6 +930,32 @@ KFW_import_windows_lsa(void) code = pkrb5_cc_get_principal(ctx, cc, &princ); if ( code ) goto cleanup; + dwMsLsaImport = pLeash_get_default_mslsa_import(); + switch ( dwMsLsaImport ) { + case 0: /* do not import */ + goto cleanup; + case 1: /* always import */ + break; + case 2: { /* matching realm */ + char ms_realm[128] = "", *r; + int i; + + for ( r=ms_realm, i=0; ilength; r++, i++ ) { + *r = krb5_princ_realm(ctx, princ)->data[i]; + } + *r = '\0'; + + if (code = pkrb5_get_default_realm(ctx, &def_realm)) + goto cleanup; + + if (strcmp(def_realm, ms_realm)) + goto cleanup; + break; + } + default: + break; + } + code = pkrb5_unparse_name(ctx,princ,&pname); if ( code ) goto cleanup; @@ -949,6 +982,8 @@ KFW_import_windows_lsa(void) pkrb5_free_unparsed_name(ctx,pname); if (princ) pkrb5_free_principal(ctx,princ); + if (def_realm) + pkrb5_free_default_realm(ctx, def_realm); if (cc) pkrb5_cc_close(ctx,cc); if (ctx) diff --git a/src/WINNT/afsd/afslogon.c b/src/WINNT/afsd/afslogon.c index e13022342..746c6cce2 100644 --- a/src/WINNT/afsd/afslogon.c +++ b/src/WINNT/afsd/afslogon.c @@ -611,7 +611,7 @@ DWORD APIENTRY NPLogonNotify( DWORD code; int pw_exp; - char *reason; + char *reason = 0; char *ctemp; BOOLEAN interactive; @@ -623,7 +623,7 @@ DWORD APIENTRY NPLogonNotify( BOOLEAN afsWillAutoStart; - BOOLEAN uppercased_name = TRUE; + BOOLEAN lowercased_name = TRUE; LogonOptions_t opt; /* domain specific logon options */ int retryInterval; @@ -654,10 +654,10 @@ DWORD APIENTRY NPLogonNotify( ctemp = strchr(uname, '@'); if (ctemp) *ctemp = 0; - /* is the name all uppercase? */ + /* is the name all lowercase? */ for ( ctemp = uname; *ctemp ; ctemp++) { - if ( islower(*ctemp) ) { - uppercased_name = FALSE; + if ( !islower(*ctemp) ) { + lowercased_name = FALSE; break; } } @@ -739,38 +739,44 @@ DWORD APIENTRY NPLogonNotify( /* if Integrated Logon */ if (ISLOGONINTEGRATED(opt.LogonOption)) - { + { if ( KFW_is_available() ) { code = KFW_AFS_get_cred(uname, cell, password, 0, opt.smbName, &reason); - DebugEvent("KFW_AFS_get_cred uname=[%s] smbname=[%s] cell=[%s] code=[%d]",uname,opt.smbName,cell,code); - } - else { + DebugEvent("KFW_AFS_get_cred uname=[%s] smbname=[%s] cell=[%s] code=[%d]", + uname,opt.smbName,cell,code); + } else { code = ka_UserAuthenticateGeneral2(KA_USERAUTH_VERSION+KA_USERAUTH_AUTHENT_LOGON, uname, "", cell, password, opt.smbName, 0, &pw_exp, 0, &reason); - DebugEvent("AFS AfsLogon - (INTEGRATED only)ka_UserAuthenticateGeneral2","Code[%x]", - code); + + DebugEvent("AFS AfsLogon - ka_UserAuthenticateGeneral2","Code[%x] uname[%s] Cell[%s] Reason[%s]", + code,uname,cell,reason ? reason : ""); + { + char msg[2048]; + sprintf(msg, "Code[%x] uname[%s] Cell[%s] Reason[%s]", + code,uname,cell,reason ? reason : ""); + MessageBox(hwndOwner, + msg, + "AFS Logon", + MB_ICONINFORMATION | MB_OK); + } } - if ( code && code != KTC_NOCM && code != KTC_NOCMRPC && uppercased_name ) { + if ( code && code != KTC_NOCM && code != KTC_NOCMRPC && !lowercased_name ) { for ( ctemp = uname; *ctemp ; ctemp++) { *ctemp = tolower(*ctemp); } - uppercased_name = FALSE; + lowercased_name = TRUE; goto sleeping; } /* is service started yet?*/ - DebugEvent("AFS AfsLogon - ka_UserAuthenticateGeneral2","Code[%x] uname[%s] Cell[%s]", - code,uname,cell); - /* If we've failed because the client isn't running yet and the * client is set to autostart (and therefore it makes sense for * us to wait for it to start) then sleep a while and try again. * If the error was something else, then give up. */ if (code != KTC_NOCM && code != KTC_NOCMRPC || !afsWillAutoStart) break; - } - else { + } else { /*JUST check to see if its running*/ if (IsServiceRunning()) break; diff --git a/src/WINNT/afsd/cm_vnodeops.c b/src/WINNT/afsd/cm_vnodeops.c index 27ba3f87e..9c35da194 100644 --- a/src/WINNT/afsd/cm_vnodeops.c +++ b/src/WINNT/afsd/cm_vnodeops.c @@ -1431,7 +1431,10 @@ long cm_NameI(cm_scache_t *rootSCachep, char *pathp, long flags, cm_ReleaseSCache(tscp); if (psp) cm_FreeSpace(psp); - return code; + if (code == CM_ERROR_NOSUCHFILE && tscp->fileType == CM_SCACHETYPE_SYMLINK) + return CM_ERROR_NOSUCHPATH; + else + return code; } haveComponent = 0; /* component done */ dirScp = tscp; /* for some symlinks */ diff --git a/src/WINNT/afsd/smb3.c b/src/WINNT/afsd/smb3.c index cd0c04cda..f53e10cc7 100644 --- a/src/WINNT/afsd/smb3.c +++ b/src/WINNT/afsd/smb3.c @@ -100,7 +100,7 @@ int smb_V3IsStarMask(char *maskp) char tc; while (tc = *maskp++) - if (tc == '?' || tc == '*') + if (tc == '?' || tc == '*' || tc == '<' || tc == '>') return 1; return 0; } -- 2.39.5