BOOL NewCreds_OnOK (HWND hDlg)
{
TCHAR szCell[ cchRESOURCE ];
GetDlgItemText (hDlg, IDC_NEWCREDS_CELL, szCell, cchRESOURCE);
TCHAR szUser[ cchRESOURCE ];
GetDlgItemText (hDlg, IDC_NEWCREDS_USER, szUser, cchRESOURCE);
TCHAR szPassword[ cchRESOURCE ];
GetDlgItemText (hDlg, IDC_NEWCREDS_PASSWORD, szPassword, cchRESOURCE);
int rc;
if ((rc = ObtainNewCredentials (szCell, szUser, szPassword, FALSE)) != 0)
{
EnableWindow (GetDlgItem (hDlg, IDOK), TRUE);
EnableWindow (GetDlgItem (hDlg, IDCANCEL), TRUE);
EnableWindow (GetDlgItem (hDlg, IDC_NEWCREDS_CELL), TRUE);
EnableWindow (GetDlgItem (hDlg, IDC_NEWCREDS_USER), TRUE);
EnableWindow (GetDlgItem (hDlg, IDC_NEWCREDS_PASSWORD), TRUE);
return FALSE;
}
Main_RepopulateTabs (FALSE);
return TRUE;
}
BOOL CALLBACK WizCreds_DlgProc (HWND hDlg, UINT msg, WPARAM wp, LPARAM lp)
{
if (!WizCommon_DlgProc (hDlg, msg, wp, lp))
{
switch (msg)
{
case WM_INITDIALOG:
g.pWizard->EnableButtons (NEXT_BUTTON);
g.pWizard->SetButtonText (IDNEXT, IDS_WIZ_NEXT);
l.idh = IDH_AFSCREDS_WIZ_CREDS;
EnableWindow (GetDlgItem (GetParent (hDlg), IDHELP), TRUE);
WizCreds_OnInitDialog (hDlg);
break;
case WM_COMMAND:
switch (LOWORD(wp))
{
case IDNEXT:
if (!IsDlgButtonChecked (hDlg, IDC_YESCREDS))
{
g.pWizard->SetState (STEP_MOUNT);
}
else
{
TCHAR szCell[ cchRESOURCE ];
GetDlgItemText (hDlg, IDC_NEWCREDS_CELL, szCell, cchRESOURCE);
TCHAR szUser[ cchRESOURCE ];
GetDlgItemText (hDlg, IDC_NEWCREDS_USER, szUser, cchRESOURCE);
TCHAR szPassword[ cchRESOURCE ];
GetDlgItemText (hDlg, IDC_NEWCREDS_PASSWORD, szPassword, cchRESOURCE);
WizCreds_OnEnable (hDlg, FALSE);
if (ObtainNewCredentials (szCell, szUser, szPassword, FALSE) == 0)
{
g.pWizard->SetState (STEP_MOUNT);
}
else
{
WizCreds_OnEnable (hDlg);
}
}
break;
case IDC_NOCREDS:
case IDC_YESCREDS:
case IDC_NEWCREDS_CELL:
case IDC_NEWCREDS_USER:
case IDC_NEWCREDS_PASSWORD:
WizCreds_OnEnable (hDlg);
break;
}
break;
}
}
return FALSE;
}
void Main_OnRemindTimer (void)
{
Main_RepopulateTabs (TRUE);
// See if anything is close to expiring; if so, display a warning
// dialog. Make sure we never display a warning more than once.
//
size_t iExpired;
if ((iExpired = Main_FindExpiredCreds()) != -1) {
if (InterlockedIncrement (&g.fShowingMessage) != 1) {
InterlockedDecrement (&g.fShowingMessage);
} else {
char * rootcell = NULL;
char password[PROBE_PASSWORD_LEN+1];
struct afsconf_cell cellconfig;
BOOL serverReachable = FALSE;
DWORD code;
rootcell = (char *)GlobalAlloc(GPTR,MAXCELLCHARS+1);
if (!rootcell)
goto cleanup;
code = KFW_AFS_get_cellconfig(g.aCreds[ iExpired ].szCell,
(afsconf_cell*)&cellconfig, rootcell);
if (code)
goto cleanup;
if (KFW_is_available()) {
// If we can't use the FSProbe interface we can attempt to forge
// a kinit and if we can back an invalid user error we know the
// kdc is at least reachable
serverReachable = KFW_probe_kdc(&cellconfig);
} else {
int i;
for ( i=0 ; i<PROBE_PASSWORD_LEN ; i++ )
password[i] = 'x';
code = ObtainNewCredentials(rootcell, PROBE_USERNAME, password, TRUE);
switch ( code ) {
case INTK_BADPW:
case KERB_ERR_PRINCIPAL_UNKNOWN:
case KERB_ERR_SERVICE_EXP:
case RD_AP_TIME:
serverReachable = TRUE;
break;
default:
serverReachable = FALSE;
}
}
cleanup:
if (rootcell)
GlobalFree(rootcell);
if (serverReachable)
ShowObtainCreds (TRUE, g.aCreds[ iExpired ].szCell);
else
InterlockedDecrement (&g.fShowingMessage);
}
}
}
void
ObtainTokensFromUserIfNeeded(HWND hWnd)
{
char * rootcell = NULL;
char cell[MAXCELLCHARS+1] = "";
char password[PROBE_PASSWORD_LEN+1];
struct afsconf_cell cellconfig;
struct ktc_principal aserver;
struct ktc_principal aclient;
struct ktc_token atoken;
krb5_timestamp now = 0;
BOOL serverReachable = 0;
int rc;
DWORD CurrentState, code;
char HostName[64];
int use_kfw = KFW_is_available();
SYSTEMTIME stNow;
FILETIME ftNow;
LONGLONG llNow;
FILETIME ftExpires;
LONGLONG llExpires;
SYSTEMTIME stExpires;
CurrentState = 0;
memset(HostName, '\0', sizeof(HostName));
gethostname(HostName, sizeof(HostName));
if (GetServiceStatus(HostName, TRANSARCAFSDAEMON, &CurrentState) != NOERROR)
return;
if (CurrentState != SERVICE_RUNNING) {
SendMessage(hWnd, WM_START_SERVICE, FALSE, 0L);
return;
}
rootcell = (char *)GlobalAlloc(GPTR,MAXCELLCHARS+1);
if (!rootcell)
goto cleanup;
code = KFW_AFS_get_cellconfig(cell, (void*)&cellconfig, rootcell);
if (code)
goto cleanup;
memset(&aserver, '\0', sizeof(aserver));
strcpy(aserver.name, "afs");
strcpy(aserver.cell, rootcell);
GetLocalTime (&stNow);
SystemTimeToFileTime (&stNow, &ftNow);
llNow = (((LONGLONG)ftNow.dwHighDateTime) << 32) + (LONGLONG)(ftNow.dwLowDateTime);
llNow /= c100ns1SECOND;
rc = ktc_GetToken(&aserver, &atoken, sizeof(atoken), &aclient);
if ( rc == 0 ) {
TimeToSystemTime (&stExpires, atoken.endTime);
SystemTimeToFileTime (&stExpires, &ftExpires);
llExpires = (((LONGLONG)ftExpires.dwHighDateTime) << 32) + (LONGLONG)(ftExpires.dwLowDateTime);
llExpires /= c100ns1SECOND;
if (llNow < llExpires)
goto cleanup;
if ( IsDebuggerPresent() ) {
char message[256];
sprintf(message,"ObtainTokensFromUserIfNeeded: %d now = %ul endTime = %ul\n",
rc, llNow, llExpires);
OutputDebugString(message);
}
}
#ifdef USE_FSPROBE
serverReachable = cellPing(NULL);
#else
if (use_kfw) {
// If we can't use the FSProbe interface we can attempt to forge
// a kinit and if we can back an invalid user error we know the
// kdc is at least reachable
serverReachable = KFW_probe_kdc(&cellconfig);
} else {
int i;
for ( i=0 ; i<PROBE_PASSWORD_LEN ; i++ )
password[i] = 'x';
code = ObtainNewCredentials(rootcell, PROBE_USERNAME, password, TRUE);
switch ( code ) {
case INTK_BADPW:
case KERB_ERR_PRINCIPAL_UNKNOWN:
case KERB_ERR_SERVICE_EXP:
case RD_AP_TIME:
serverReachable = TRUE;
break;
default:
serverReachable = FALSE;
}
}
#endif
if ( !serverReachable ) {
if ( IsDebuggerPresent() )
OutputDebugString("Server Unreachable\n");
goto cleanup;
}
if ( IsDebuggerPresent() )
OutputDebugString("Server Reachable\n");
if ( use_kfw ) {
#ifdef USE_MS2MIT
KFW_import_windows_lsa();
#endif /* USE_MS2MIT */
KFW_AFS_renew_expiring_tokens();
KFW_AFS_renew_token_for_cell(rootcell);
rc = ktc_GetToken(&aserver, &atoken, sizeof(atoken), &aclient);
if ( rc == 0 ) {
TimeToSystemTime (&stExpires, atoken.endTime);
SystemTimeToFileTime (&stExpires, &ftExpires);
llExpires = (((LONGLONG)ftExpires.dwHighDateTime) << 32) + (LONGLONG)(ftExpires.dwLowDateTime);
llExpires /= c100ns1SECOND;
if (llNow < llExpires)
goto cleanup;
}
}
SendMessage(hWnd, WM_OBTAIN_TOKENS, FALSE, (long)rootcell);
rootcell = NULL; // rootcell freed by message receiver
cleanup:
if (rootcell)
GlobalFree(rootcell);
return;
}
