[771] in Zephyr_Bugs
patches for realm_expand_realm and ticket_retrieve
daemon@ATHENA.MIT.EDU (Derrick J. Brashear)
Tue Apr 16 14:12:53 1996
Date: Tue, 16 Apr 1996 14:12:48 -0400 (EDT)
From: "Derrick J. Brashear" <shadow@DEMENTIA.ORG>
Reply-To: "Derrick J. Brashear" <shadow@DEMENTIA.ORG>
To: bug-zephyr@MIT.EDU
Hi,
The following are patches to realm_expand_realm and ticket_retrieve. They do:
a) default to returning something in realm_expand_realm if we didn't expand to
anything
b) also try to expand to match the local realm name, if we haven't already
matched something
c) add a prototype for realm_expand_realm to zserver.h
d) add a field to the Realm structure for the last time we tried to
authenticate to a realm
e) make ticket_retrieve only retry authenticating to a given realm every 5
minutes at most in the event of failure
Enjoy
-D
diff -crtw /afs/athena.mit.edu/astaff/project/zephyr/src/zephyr/server/realm.c
./realm.c
*** /afs/athena.mit.edu/astaff/project/zephyr/src/zephyr/server/realm.c Mon
Apr 8 20:56:33 1996
--- ./realm.c Tue Apr 16 14:02:35 1996
***************
*** 20,26 ****
static void rlm_rexmit __P((void *arg));
static Code_t realm_ulocate_dispatch __P((ZNotice_t *notice,int auth,struct
sockaddr_in *who,Server *server,Realm *realm));
#ifdef ZEPHYR_USES_KERBEROS
! static Code_t ticket_retrieve __P((char *realm));
#endif
char *
--- 20,26 ----
static void rlm_rexmit __P((void *arg));
static Code_t realm_ulocate_dispatch __P((ZNotice_t *notice,int auth,struct
sockaddr_in *who,Server *server,Realm *realm));
#ifdef ZEPHYR_USES_KERBEROS
! static Code_t ticket_retrieve __P((Realm *realm));
#endif
char *
***************
*** 70,77 ****
--- 70,82 ----
return(krb_realm);
}
}
+ if (!strncmp(my_realm, expand, strlen(expand))) {
+ return(my_realm);
}
+ return(expand);
+ }
+
Realmname *
get_realm_lists(file)
char *file;
***************
*** 461,466 ****
--- 466,472 ----
rlm->client = client;
rlm->idx = random() % rlm->count;
rlm->subs = (Destlist *)0;
+ rlm->tkt_try = 0;
free(rlmnames[ii].servers);
free(addresses);
}
***************
*** 570,576 ****
}
if (!ticket_lookup(realm->name))
! if ((retval = ticket_retrieve(realm->name)) != ZERR_NONE) {
syslog(LOG_WARNING, "rlm_handoff failed: %s", error_message(retval));
return;
}
--- 576,582 ----
}
if (!ticket_lookup(realm->name))
! if ((retval = ticket_retrieve(realm)) != ZERR_NONE) {
syslog(LOG_WARNING, "rlm_handoff failed: %s", error_message(retval));
return;
}
***************
*** 1051,1057 ****
static Code_t
ticket_retrieve(realm)
! char *realm;
{
int pid, retval;
KTEXT_ST authent;
--- 1057,1063 ----
static Code_t
ticket_retrieve(realm)
! Realm *realm;
{
int pid, retval;
KTEXT_ST authent;
***************
*** 1062,1076 ****
memset(&authent.dat,0,MAX_KTXT_LEN);
authent.mbz=0;
retval = krb_mk_req(&authent, SERVER_SERVICE, SERVER_INSTANCE,
! realm, 0);
if (retval != KSUCCESS) {
! syslog(LOG_WARNING, "tkt_rtrv: %s: %s", realm,
krb_err_txt[retval]);
return (retval+krb_err_base);
}
return (0);
}
#endif /* ZEPHYR_USES_KERBEROS */
--- 1068,1091 ----
memset(&authent.dat,0,MAX_KTXT_LEN);
authent.mbz=0;
+ /* Trying too often could cause our Zephyr server to lose */
+ if ((NOW - realm->tkt_try) > 5*60) {
retval = krb_mk_req(&authent, SERVER_SERVICE, SERVER_INSTANCE,
! realm->name, 0);
!
! /* Update timer for Kerberos */
! realm->tkt_try = NOW;
!
if (retval != KSUCCESS) {
! syslog(LOG_WARNING, "tkt_rtrv: %s: %s", realm->name,
krb_err_txt[retval]);
return (retval+krb_err_base);
}
return (0);
+ } else {
+ return (1);
+ }
}
#endif /* ZEPHYR_USES_KERBEROS */
diff -crtw
/afs/athena.mit.edu/astaff/project/zephyr/src/zephyr/server/zserver.h
./zserver.h
*** /afs/athena.mit.edu/astaff/project/zephyr/src/zephyr/server/zserver.h
Wed Apr 3 22:00:21 1996
--- ./zserver.h Tue Apr 16 14:01:07 1996
***************
*** 89,94 ****
--- 89,95 ----
int idx; /* which server we are connected to
*/
Destlist *subs;
Client *client;
+ long tkt_try;
};
struct _Realmname {
***************
*** 303,308 ****
--- 304,310 ----
Realm *realm_which_realm __P((struct sockaddr_in *who));
Realm *realm_get_realm_by_name __P((char *name));
void realm_handoff(ZNotice_t *, int, struct sockaddr_in *, Realm *, int);
+ char *realm_expand_realm(char *);
void realm_init __P((void));
Code_t ZCheckRealmAuthentication __P((ZNotice_t *, struct sockaddr_in *,
char *));
---
