BOOL AfsAppLib_CrackCredentials (UINT_PTR hCreds, LPTSTR pszCell, LPTSTR pszUser, LPSYSTEMTIME pst, ULONG *pStatus) { BOOL rc = FALSE; ULONG status = 0; UINT_PTR idClient; if ((idClient = AfsAppLib_GetAdminServerClientID()) != 0) { rc = asc_CredentialsCrack (idClient, (PVOID) hCreds, pszCell, pszUser, pst, &status); } else if (OpenClientLibrary()) { char szUserA[ cchRESOURCE ], szUser2A[ cchRESOURCE ]; char szCellA[ cchRESOURCE ]; unsigned long dateExpire; int fHasKasToken; if (afsclient_TokenQuery ((PVOID)hCreds, &dateExpire, szUserA, szUser2A, szCellA, &fHasKasToken, (afs_status_p)&status)) { rc = TRUE; CopyAnsiToString (pszUser, szUserA); CopyAnsiToString (pszCell, szCellA); AfsAppLib_UnixTimeToSystemTime (pst, dateExpire); } CloseClientLibrary(); } if (!hCreds && pStatus) *pStatus = status; return rc; }
// AfsAdmSvr_CrackCredentials // ...queries the specified AFS credentials token for its cell, user // and expiration date. // extern "C" int AfsAdmSvr_CrackCredentials (UINT_PTR idClient, UINT_PTR hCreds, STRING pszCell, STRING pszUser, SYSTEMTIME *pstExpiration, ULONG *pStatus) { ULONG status; size_t iOp = AfsAdmSvr_BeginOperation (idClient); if (!AfsAdmSvr_fIsValidClient (idClient)) return FALSE_(ERROR_INVALID_PARAMETER,pStatus,iOp); Print (dlDETAIL, TEXT("Client 0x%08lX: CrackCredentials (0x%08lX)"), idClient, hCreds); unsigned long dateExpirationQuery; int fHasKasTokenQuery; char szUser[ cchSTRING ]; char szUser2[ cchSTRING ]; char szCell[ cchSTRING ]; char *pszCellQuery = (pszCell) ? (char *)pszCell : szCell; char *pszUserQuery = (pszUser) ? (char *)pszUser : szUser; if (!afsclient_TokenQuery ((PVOID)hCreds, &dateExpirationQuery, pszUserQuery, szUser2, pszCellQuery, &fHasKasTokenQuery, (afs_status_p)&status)) return FALSE_(status, pStatus, iOp); if (pstExpiration) AfsAppLib_UnixTimeToSystemTime (pstExpiration, dateExpirationQuery); AfsAdmSvr_EndOperation (iOp); return TRUE; }
BOOL AfsAppLib_IsUserAdmin (UINT_PTR hCreds, LPTSTR pszUser) { #ifndef USE_KASERVER return TRUE; #else BOOL rc = FALSE; afs_status_t status; UINT_PTR idClient; if ((idClient = AfsAppLib_GetAdminServerClientID()) != 0) { TCHAR szCell[ cchRESOURCE ]; TCHAR szUser[ cchRESOURCE ]; SYSTEMTIME stExpire; if (asc_CredentialsCrack (idClient, hCreds, szCell, szUser, &stExpire, (ULONG*)&status)) { ASID idCell; if (asc_CellOpen (idClient, hCreds, szCell, AFSADMSVR_SCOPE_USERS, &idCell, (ULONG*)&status)) { ASID idUser; if (asc_ObjectFind (idClient, idCell, TYPE_USER, pszUser, &idUser, (ULONG*)&status)) { ASOBJPROP Info; if (asc_ObjectPropertiesGet (idClient, GET_ALL_DATA, idCell, idUser, &Info, (ULONG*)&status)) { if (Info.u.UserProperties.fHaveKasInfo) { rc = Info.u.UserProperties.KASINFO.fIsAdmin; } } } asc_CellClose (idClient, idCell, (ULONG*)&status); } } } else if (OpenClientLibrary()) { if (OpenKasLibrary()) { char szUserA[ cchRESOURCE ], szUser2A[ cchRESOURCE ]; char szCellA[ cchRESOURCE ]; unsigned long dateExpire; int fHasKasToken; if (afsclient_TokenQuery (hCreds, &dateExpire, szUserA, szUser2A, szCellA, &fHasKasToken, (afs_status_p)&status)) { PVOID hCell; if (afsclient_CellOpen (szCellA, hCreds, &hCell, &status)) { kas_identity_t Identity; memset (&Identity, 0x00, sizeof(Identity)); CopyStringToAnsi (Identity.principal, pszUser); kas_principalEntry_t Entry; if (kas_PrincipalGet (hCell, NULL, &Identity, &Entry, &status)) { if (Entry.adminSetting == KAS_ADMIN) rc = TRUE; } afsclient_CellClose (hCell, (afs_status_p)&status); } } CloseKasLibrary(); } CloseClientLibrary(); } return rc; #endif /* USE_KASERVER */ }