source: trunk/third/openafs/secure-pts @ 3008

Last change on this file since 3008 was 2316, checked in by broder, 17 years ago

Invirtify openafs to include the pts -encrypt patch.
File size: 1.7 KB
Line 
1Index: openafs-1.4.6.dfsg1/src/ptserver/pts.c
2===================================================================
3--- openafs-1.4.6.dfsg1.orig/src/ptserver/pts.c 2007-08-11 19:54:04.000000000 -0400
4+++ openafs-1.4.6.dfsg1/src/ptserver/pts.c      2008-12-19 23:54:55.000000000 -0500
5@@ -146,6 +146,8 @@
6        cell = 0;
7     if (as->parms[17].items)
8        sec = 0;
9+    if (as->parms[20].items) /* -encrypt */
10+       sec = 3;
11 
12     if (as->parms[18].items) { /* testing? */
13        code = pr_Initialize(sec, AFSDIR_SERVER_ETC_DIRPATH, cell);
14@@ -972,6 +974,7 @@
15     cmd_AddParm(ts, "-test", CMD_FLAG, CMD_OPTIONAL | CMD_HIDE, test_help);
16     cmd_AddParm(ts, "-force", CMD_FLAG, CMD_OPTIONAL,
17                "Continue oper despite reasonable errors");
18+    cmd_AddParm(ts, "-encrypt", CMD_FLAG, CMD_OPTIONAL, "encrypt commands");
19 }
20 
21 /*
22Index: openafs-1.4.6.dfsg1/src/ptserver/ptuser.c
23===================================================================
24--- openafs-1.4.6.dfsg1.orig/src/ptserver/ptuser.c      2007-04-10 14:43:45.000000000 -0400
25+++ openafs-1.4.6.dfsg1/src/ptserver/ptuser.c   2008-12-19 23:56:27.000000000 -0500
26@@ -200,8 +200,11 @@
27        sname.instance[0] = 0;
28        strcpy(sname.name, "afs");
29        code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL);
30-       if (code)
31+       if (code) {
32+           if (secLevel > 1)
33+               return code;
34            scIndex = 0;
35+       }
36        else {
37            if (ttoken.kvno >= 0 && ttoken.kvno <= 256)
38                /* this is a kerberos ticket, set scIndex accordingly */
39@@ -213,7 +216,8 @@
40                scIndex = 2;
41            }
42            sc[2] =
43-               rxkad_NewClientSecurityObject(rxkad_clear, &ttoken.sessionKey,
44+               rxkad_NewClientSecurityObject((secLevel > 1) ? rxkad_crypt :
45+                                             rxkad_clear, &ttoken.sessionKey,
46                                              ttoken.kvno, ttoken.ticketLen,
47                                              ttoken.ticket);
48        }
Note: See TracBrowser for help on using the repository browser.