afs_int32 ka_UserAuthenticateGeneral(afs_int32 flags, char *name, char *instance, char *realm, char *password, Date lifetime, afs_int32 * password_expires, /* days 'til, or don't change if not set */ afs_int32 spare2, char **reasonP) { int remainingTime = 0; struct ktc_encryptionKey key; afs_int32 code, dosetpag = 0; if (reasonP) *reasonP = ""; if ((flags & KA_USERAUTH_VERSION_MASK) != KA_USERAUTH_VERSION) return KAOLDINTERFACE; if ((strcmp(name, "root") == 0) && (instance == 0)) { if (reasonP) *reasonP = "root is only authenticated locally"; return KANOENT; } code = ka_Init(0); if (code) return code; ka_StringToKey(password, realm, &key); /* * alarm is set by kpasswd only so ignore for * NT */ #ifndef AFS_NT40_ENV { /* Rx uses timers, save to be safe */ if (rx_socket) { /* don't reset alarms, rx already running */ remainingTime = 0; } else remainingTime = alarm(0); } #endif #if !defined(AFS_NT40_ENV) && !defined(AFS_LINUX20_ENV) && !defined(AFS_USR_LINUX20_ENV) && (!defined(AFS_XBSD_ENV) || defined(AFS_FBSD_ENV)) /* handle smoothly the case where no AFS system calls exists (yet) */ (void)signal(SIGSYS, SIG_IGN); #endif #ifdef AFS_DECOSF_ENV (void)signal(SIGTRAP, SIG_IGN); #endif /* AFS_DECOSF_ENV */ if (instance == 0) instance = ""; if (flags & KA_USERAUTH_ONLY_VERIFY) { code = ka_VerifyUserToken(name, instance, realm, &key); if (code == KABADREQUEST) { DES_string_to_key(password, ktc_to_cblockptr(&key)); code = ka_VerifyUserToken(name, instance, realm, &key); } } else { #ifdef AFS_DUX40_ENV if (flags & KA_USERAUTH_DOSETPAG) afs_setpag(); #else #if !defined(UKERNEL) && !defined(AFS_NT40_ENV) if (flags & KA_USERAUTH_DOSETPAG) setpag(); #endif #endif if (flags & KA_USERAUTH_DOSETPAG2) dosetpag = 1; #ifdef AFS_KERBEROS_ENV if ((flags & KA_USERAUTH_DOSETPAG) || dosetpag) ktc_newpag(); #endif if (lifetime == 0) lifetime = MAXKTCTICKETLIFETIME; code = GetTickets(name, instance, realm, &key, lifetime, password_expires, dosetpag); if (code == KABADREQUEST) { DES_string_to_key(password, ktc_to_cblockptr(&key)); code = GetTickets(name, instance, realm, &key, lifetime, password_expires, dosetpag); } } #ifndef AFS_NT40_ENV if (remainingTime) { pr_End(); rx_Finalize(); alarm(remainingTime); /* restore timer, if any */ } #endif if (code && reasonP) switch (code) { case KABADREQUEST: *reasonP = "password was incorrect"; break; case KAUBIKCALL: *reasonP = "Authentication Server was unavailable"; break; default: *reasonP = (char *)afs_error_message(code); } return code; }
/* * syscall - this is the VRMIX system call entry point. * * NOTE: * THIS SHOULD BE CHANGED TO afs_syscall(), but requires * all the user-level calls to `syscall' to change. */ syscall(syscall, p1, p2, p3, p4, p5, p6) { int rval1 = 0, code; int monster; int retval = 0; #ifndef AFS_AIX41_ENV extern lock_t kernel_lock; monster = lockl(&kernel_lock, LOCK_SHORT); #endif /* !AFS_AIX41_ENV */ AFS_STATCNT(syscall); setuerror(0); switch (syscall) { case AFSCALL_CALL: rval1 = afs_syscall_call(p1, p2, p3, p4, p5, p6); break; case AFSCALL_SETPAG: AFS_GLOCK(); rval1 = afs_setpag(); AFS_GUNLOCK(); break; case AFSCALL_PIOCTL: AFS_GLOCK(); rval1 = afs_syscall_pioctl(p1, p2, p3, p4); AFS_GUNLOCK(); break; case AFSCALL_ICREATE: rval1 = afs_syscall_icreate(p1, p2, p3, p4, p5, p6); break; case AFSCALL_IOPEN: rval1 = afs_syscall_iopen(p1, p2, p3); break; case AFSCALL_IDEC: rval1 = afs_syscall_iincdec(p1, p2, p3, -1); break; case AFSCALL_IINC: rval1 = afs_syscall_iincdec(p1, p2, p3, 1); break; case AFSCALL_ICL: AFS_GLOCK(); code = Afscall_icl(p1, p2, p3, p4, p5, &retval); AFS_GUNLOCK(); if (!code) rval1 = retval; if (!rval1) rval1 = code; break; default: rval1 = EINVAL; setuerror(EINVAL); break; } out: #ifndef AFS_AIX41_ENV if (monster != LOCK_NEST) unlockl(&kernel_lock); #endif /* !AFS_AIX41_ENV */ return getuerror()? -1 : rval1; }