afs_int32
ka_UserAuthenticateGeneral(afs_int32 flags, char *name, char *instance,
char *realm, char *password, Date lifetime,
afs_int32 * password_expires, /* days 'til, or don't change if not set */
afs_int32 spare2, char **reasonP)
{
int remainingTime = 0;
struct ktc_encryptionKey key;
afs_int32 code, dosetpag = 0;
if (reasonP)
*reasonP = "";
if ((flags & KA_USERAUTH_VERSION_MASK) != KA_USERAUTH_VERSION)
return KAOLDINTERFACE;
if ((strcmp(name, "root") == 0) && (instance == 0)) {
if (reasonP)
*reasonP = "root is only authenticated locally";
return KANOENT;
}
code = ka_Init(0);
if (code)
return code;
ka_StringToKey(password, realm, &key);
/*
* alarm is set by kpasswd only so ignore for
* NT
*/
#ifndef AFS_NT40_ENV
{ /* Rx uses timers, save to be safe */
if (rx_socket) {
/* don't reset alarms, rx already running */
remainingTime = 0;
} else
remainingTime = alarm(0);
}
#endif
#if !defined(AFS_NT40_ENV) && !defined(AFS_LINUX20_ENV) && !defined(AFS_USR_LINUX20_ENV) && (!defined(AFS_XBSD_ENV) || defined(AFS_FBSD_ENV))
/* handle smoothly the case where no AFS system calls exists (yet) */
(void)signal(SIGSYS, SIG_IGN);
#endif
#ifdef AFS_DECOSF_ENV
(void)signal(SIGTRAP, SIG_IGN);
#endif /* AFS_DECOSF_ENV */
if (instance == 0)
instance = "";
if (flags & KA_USERAUTH_ONLY_VERIFY) {
code = ka_VerifyUserToken(name, instance, realm, &key);
if (code == KABADREQUEST) {
DES_string_to_key(password, ktc_to_cblockptr(&key));
code = ka_VerifyUserToken(name, instance, realm, &key);
}
} else {
#ifdef AFS_DUX40_ENV
if (flags & KA_USERAUTH_DOSETPAG)
afs_setpag();
#else
#if !defined(UKERNEL) && !defined(AFS_NT40_ENV)
if (flags & KA_USERAUTH_DOSETPAG)
setpag();
#endif
#endif
if (flags & KA_USERAUTH_DOSETPAG2)
dosetpag = 1;
#ifdef AFS_KERBEROS_ENV
if ((flags & KA_USERAUTH_DOSETPAG) || dosetpag)
ktc_newpag();
#endif
if (lifetime == 0)
lifetime = MAXKTCTICKETLIFETIME;
code =
GetTickets(name, instance, realm, &key, lifetime,
password_expires, dosetpag);
if (code == KABADREQUEST) {
DES_string_to_key(password, ktc_to_cblockptr(&key));
code =
GetTickets(name, instance, realm, &key, lifetime,
password_expires, dosetpag);
}
}
#ifndef AFS_NT40_ENV
if (remainingTime) {
pr_End();
rx_Finalize();
alarm(remainingTime); /* restore timer, if any */
}
#endif
if (code && reasonP)
switch (code) {
case KABADREQUEST:
*reasonP = "password was incorrect";
break;
case KAUBIKCALL:
*reasonP = "Authentication Server was unavailable";
break;
default:
*reasonP = (char *)afs_error_message(code);
}
return code;
}
/*
* syscall - this is the VRMIX system call entry point.
*
* NOTE:
* THIS SHOULD BE CHANGED TO afs_syscall(), but requires
* all the user-level calls to `syscall' to change.
*/
syscall(syscall, p1, p2, p3, p4, p5, p6)
{
int rval1 = 0, code;
int monster;
int retval = 0;
#ifndef AFS_AIX41_ENV
extern lock_t kernel_lock;
monster = lockl(&kernel_lock, LOCK_SHORT);
#endif /* !AFS_AIX41_ENV */
AFS_STATCNT(syscall);
setuerror(0);
switch (syscall) {
case AFSCALL_CALL:
rval1 = afs_syscall_call(p1, p2, p3, p4, p5, p6);
break;
case AFSCALL_SETPAG:
AFS_GLOCK();
rval1 = afs_setpag();
AFS_GUNLOCK();
break;
case AFSCALL_PIOCTL:
AFS_GLOCK();
rval1 = afs_syscall_pioctl(p1, p2, p3, p4);
AFS_GUNLOCK();
break;
case AFSCALL_ICREATE:
rval1 = afs_syscall_icreate(p1, p2, p3, p4, p5, p6);
break;
case AFSCALL_IOPEN:
rval1 = afs_syscall_iopen(p1, p2, p3);
break;
case AFSCALL_IDEC:
rval1 = afs_syscall_iincdec(p1, p2, p3, -1);
break;
case AFSCALL_IINC:
rval1 = afs_syscall_iincdec(p1, p2, p3, 1);
break;
case AFSCALL_ICL:
AFS_GLOCK();
code = Afscall_icl(p1, p2, p3, p4, p5, &retval);
AFS_GUNLOCK();
if (!code)
rval1 = retval;
if (!rval1)
rval1 = code;
break;
default:
rval1 = EINVAL;
setuerror(EINVAL);
break;
}
out:
#ifndef AFS_AIX41_ENV
if (monster != LOCK_NEST)
unlockl(&kernel_lock);
#endif /* !AFS_AIX41_ENV */
return getuerror()? -1 : rval1;
}
