authorTom Yu <tlyu@mit.edu>2007-03-30 03:09:02 +0000
committerTom Yu <tlyu@mit.edu>2007-03-30 03:09:02 +0000
commit197a0ec89fb7ec93481df5f89e8a500eb94b4527 (patch)
tree0278cef150247691a3abdb48d7651e14a084a20b
parent479b83a65f5e4e05816245f49950841441fbc865 (diff)
pull up r19289 from trunk
r19289@cathode-dark-space: jaltman | 2007-03-27 09:37:30 -0400 ticket: 5469 This commit addresses several issues: (1) The registry key used for activating event reporting to the Windows application log was wrong. It should be "NetworkProvider" not "Network Provider" (2) Event logging of the state of the "Debug" value has been added so that it is possible to debug the use of event reporting. (3) The code no longer performs the pre-kinit operations if a password was not provided. (4) A new function KFW_copy_file_cache_to_api_cache() has been added. This is used instead of KFW_copy_file_cache_to_default_cache() permitting the default cache to be MSLSA, FILE, or anything else. The API cache name will be of the form API:principal just as is done by Network Identity Manager. ticket: 5469 version_fixed: 1.6.1 git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19336 dc483132-0cff-0310-8789-dd5450dbe970
-rw-r--r--src/windows/kfwlogon/kfwcommon.c149
-rw-r--r--src/windows/kfwlogon/kfwcpcc.c2
2 files changed, 131 insertions, 20 deletions
diff --git a/src/windows/kfwlogon/kfwcommon.c b/src/windows/kfwlogon/kfwcommon.c
index b578d94..1a2de08 100644
--- a/src/windows/kfwlogon/kfwcommon.c
+++ b/src/windows/kfwlogon/kfwcommon.c
@@ -293,19 +293,41 @@ static HANDLE hDLL;
BOOL IsDebugLogging(void)
{
- DWORD LSPtype, LSPsize;
+ DWORD LSPsize;
HKEY NPKey;
DWORD dwDebug = FALSE;
if (RegOpenKeyEx(HKEY_LOCAL_MACHINE,
- "System\\CurrentControlSet\\Services\\MIT Kerberos\\Network Provider",
- 0, KEY_QUERY_VALUE, &NPKey) == ERROR_SUCCESS) {
+ "System\\CurrentControlSet\\Services\\MIT Kerberos\\NetworkProvider",
+ 0, KEY_QUERY_VALUE, &NPKey) == ERROR_SUCCESS)
+ {
LSPsize=sizeof(dwDebug);
- if (RegQueryValueEx(NPKey, "Debug", NULL, &LSPtype, (LPBYTE)&dwDebug, &LSPsize) != ERROR_SUCCESS
- || LSPtype != REG_DWORD)
+ if (RegQueryValueEx(NPKey, "Debug", NULL, NULL, (LPBYTE)&dwDebug, &LSPsize) != ERROR_SUCCESS)
+ {
+ static int once = 0;
+
dwDebug = FALSE;
+ if (!once) {
+ HANDLE h; char *ptbuf[1];
+ h = RegisterEventSource(NULL, KFW_LOGON_EVENT_NAME);
+ ptbuf[0] = "Unable to read debug value";
+ ReportEvent(h, EVENTLOG_INFORMATION_TYPE, 0, 0, NULL, 1, 0, (const char **)ptbuf, NULL);
+ DeregisterEventSource(h);
+ once++;
+ }
+ }
RegCloseKey (NPKey);
+ } else {
+ static int once = 0;
+ if (!once) {
+ HANDLE h; char *ptbuf[1];
+ h = RegisterEventSource(NULL, KFW_LOGON_EVENT_NAME);
+ ptbuf[0] = "Unable to open network provider key";
+ ReportEvent(h, EVENTLOG_INFORMATION_TYPE, 0, 0, NULL, 1, 0, (const char **)ptbuf, NULL);
+ DeregisterEventSource(h);
+ once++;
+ }
}
return(dwDebug ? TRUE : FALSE);
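Review bot: The new `RegQueryValueEx(NPKey, "Debug", NULL, NULL, ...)` call passes NULL for the type, so any value of four bytes or fewer is accepted and a non-DWORD `Debug` value (a short string, for example) reads as non-zero and turns debug logging on. Keeping the type out-parameter and the test, `DWORD LSPtype, LSPsize;` with `... &LSPtype, (LPBYTE)&dwDebug, &LSPsize) != ERROR_SUCCESS || LSPtype != REG_DWORD)`, would retain the new event report while still rejecting a value of the wrong type. In both report-once blocks the handle from `RegisterEventSource` is used without a check; `if (h) { ReportEvent(...); DeregisterEventSource(h); }` avoids calling into the event log with a NULL handle. The two blocks differ only in the message text and could share one small static helper. The closing brace of IsDebugLogging is outside the hunk.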
@@ -719,7 +741,7 @@ KFW_get_cred( char * username,
char * pname = 0;
krb5_error_code code;
- if (!pkrb5_init_context || !username || !password)
+ if (!pkrb5_init_context || !username || !password || !password[0])
return 0;
DebugEvent0(username);
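Review bot: The extended guard returns 0 for an empty password, the same value it returns for a missing context or username, so a caller cannot tell that no credentials were requested. The function's final return is outside the hunk; if 0 is also what it returns after a successful kinit, the empty-password case is reported as success and callers should be checked for that assumption. A one-line comment on the guard would record the intent from the commit message, for example `/* no password supplied: skip the pre-kinit work as well as kinit */`.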
@@ -751,22 +773,23 @@ KFW_get_cred( char * username,
if ( code ) goto cleanup;
DebugEvent0("got ccache");
+
if ( lifetime == 0 )
lifetime = pLeash_get_default_lifetime();
- if ( password[0] ) {
- code = KFW_kinit( ctx, cc, HWND_DESKTOP,
- pname,
- password,
- lifetime,
- pLeash_get_default_forwardable(),
- pLeash_get_default_proxiable(),
- pLeash_get_default_renewable() ? pLeash_get_default_renew_till() : 0,
- pLeash_get_default_noaddresses(),
- pLeash_get_default_publicip());
- DebugEvent0("kinit returned");
- if ( code ) goto cleanup;
- }
+ DebugEvent0("got lifetime");
+
+ code = KFW_kinit( ctx, cc, HWND_DESKTOP,
+ pname,
+ password,
+ lifetime,
+ pLeash_get_default_forwardable(),
+ pLeash_get_default_proxiable(),
+ pLeash_get_default_renewable() ? pLeash_get_default_renew_till() : 0,
+ pLeash_get_default_noaddresses(),
+ pLeash_get_default_publicip());
+ DebugEvent0("kinit returned");
+ if ( code ) goto cleanup;
cleanup:
if ( pname )
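Review bot: As shown in the hunk, `if ( code ) goto cleanup;` now sits directly above the `cleanup:` label, so it branches to the statement that would run next anyway and can be dropped. The unconditional `KFW_kinit` call depends on the entry guard for `password` being non-empty, and that guard is some fifty lines above; a comment at the call such as `/* password is non-empty here: checked on entry */` keeps the dependency visible if the guard is edited later. The rest of KFW_get_cred, including the cleanup code, is outside the hunk.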
@@ -1148,6 +1171,94 @@ KFW_copy_file_cache_to_default_cache(char * filename)
}
+int
+KFW_copy_file_cache_to_api_cache(char * filename)
+{
+ char cachename[MAX_PATH + 8] = "FILE:";
+ krb5_context ctx = 0;
+ krb5_error_code code;
+ krb5_principal princ = 0;
+ krb5_ccache cc = 0;
+ krb5_ccache ncc = 0;
+ char *name = NULL;
+ int retval = 1;
+
+ if (!pkrb5_init_context || !filename)
+ return 1;
+
+ if ( strlen(filename) + sizeof("FILE:") > sizeof(cachename) )
+ return 1;
+
+ strcat(cachename, filename);
+
+ code = pkrb5_init_context(&ctx);
+ if (code) ctx = 0;
+
+ code = pkrb5_cc_resolve(ctx, cachename, &cc);
+ if (code) {
+ DebugEvent0("kfwcpcc krb5_cc_resolve failed");
+ goto cleanup;
+ }
+
+ code = pkrb5_cc_get_principal(ctx, cc, &princ);
+ if (code) {
+ DebugEvent0("kfwcpcc krb5_cc_get_principal failed");
+ goto cleanup;
+ }
+
+ code = pkrb5_unparse_name(ctx, princ, &name);
+ if (code) {
+ DebugEvent0("kfwcpcc krb5_unparse_name failed");
+ goto cleanup;
+ }
+
+ sprintf(cachename, "API:%s", name);
+
+ code = pkrb5_cc_resolve(ctx, cachename, &ncc);
+ if (code) {
+ DebugEvent0("kfwcpcc krb5_cc_default failed");
+ goto cleanup;
+ }
+ if (!code) {
+ code = pkrb5_cc_initialize(ctx, ncc, princ);
+
+ if (!code)
+ code = pkrb5_cc_copy_creds(ctx,cc,ncc);
+ if (code) {
+ DebugEvent0("kfwcpcc krb5_cc_copy_creds failed");
+ goto cleanup;
+ }
+ }
+ if ( ncc ) {
+ pkrb5_cc_close(ctx, ncc);
+ ncc = 0;
+ }
+
+ retval=0; /* success */
+
+ cleanup:
+ if (name)
+ pkrb5_free_unparsed_name(ctx, name);
+
+ if ( cc ) {
+ pkrb5_cc_close(ctx, cc);
+ cc = 0;
+ }
+
+ DeleteFile(filename);
+
+ if ( princ ) {
+ pkrb5_free_principal(ctx, princ);
+ princ = 0;
+ }
+
+ if (ctx)
+ pkrb5_free_context(ctx);
+
+ return 0;
+}
+
+
int
KFW_destroy_tickets_for_principal(char * user)
{
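Review bot: `sprintf(cachename, "API:%s", name);` writes the unparsed principal name, which is read from the cache file the caller names, into the fixed `MAX_PATH + 8` stack buffer with no length check, so a long principal overruns `cachename`; the `FILE:` path a few lines earlier is bounded but this write is not. The function also ends in `return 0;`, so `retval` is never used and every failure is reported as success, which `main` in kfwcpcc.c then passes on as the exit status. A failed `pkrb5_init_context` only clears `ctx` and carries on to `pkrb5_cc_resolve`, and `ncc` is not closed when `pkrb5_cc_initialize` or `pkrb5_cc_copy_creds` fails. The excerpt below bounds the name, stops on a failed context, closes `ncc` in cleanup and returns `retval`.

```c
    code = pkrb5_init_context(&ctx);
    if (code) {
        ctx = 0;
        goto cleanup;
    }
    /* ... unchanged: cc_resolve, cc_get_principal, unparse_name ... */

    /* name comes from the cache file: bound it before formatting */
    if ( strlen(name) + sizeof("API:") > sizeof(cachename) ) {
        DebugEvent0("kfwcpcc principal name too long");
        goto cleanup;
    }
    sprintf(cachename, "API:%s", name);
    /* ... unchanged: resolve, initialize and copy into ncc ... */

    retval = 0; /* success */

  cleanup:
    /* ... unchanged: free name, close cc, DeleteFile, free princ ... */
    if ( ncc ) {
        pkrb5_cc_close(ctx, ncc);
        ncc = 0;
    }

    if (ctx)
        pkrb5_free_context(ctx);

    return retval;
```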
diff --git a/src/windows/kfwlogon/kfwcpcc.c b/src/windows/kfwlogon/kfwcpcc.c
index c3485c0..5ff7785 100644
--- a/src/windows/kfwlogon/kfwcpcc.c
+++ b/src/windows/kfwlogon/kfwcpcc.c
@@ -33,7 +33,7 @@ int main(int argc, char *argv[])
KFW_initialize();
- return KFW_copy_file_cache_to_default_cache(argv[1]);
+ return KFW_copy_file_cache_to_api_cache(argv[1]);
}