From: Jeffrey Altman <jaltman@secure-endpoints.com>
Date: Fri, 2 Dec 2005 10:30:57 +0000 (+0000)
Subject: KFW Network Provider updates for KFW 3.0 Beta 3
X-Git-Tag: ms-bug-test-20060525~46
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=b5f6a77b27b8b942c0179f99131edca986f916d1;p=krb5.git
KFW Network Provider updates for KFW 3.0 Beta 3
Wrap debugging statements
Fix bug in KFW_get_cred that prevents acquisition of
credentials.
ticket: new
component: windows
status: resolved
target_version: 1.4.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17534 dc483132-0cff-0310-8789-dd5450dbe970
---
diff --git a/src/windows/kfwlogon/kfwcommon.c b/src/windows/kfwlogon/kfwcommon.c
index 4074d0da9..251e1436b 100644
--- a/src/windows/kfwlogon/kfwcommon.c
+++ b/src/windows/kfwlogon/kfwcommon.c
@@ -289,17 +289,20 @@ static HANDLE hDLL;
void DebugEvent0(char *a)
{
+#ifdef DEBUG
HANDLE h; char *ptbuf[1];
h = RegisterEventSource(NULL, KFW_LOGON_EVENT_NAME);
ptbuf[0] = a;
ReportEvent(h, EVENTLOG_INFORMATION_TYPE, 0, 0, NULL, 1, 0, (const char **)ptbuf, NULL);
DeregisterEventSource(h);
+#endif
}
#define MAXBUF_ 512
void DebugEvent(char *b,...)
{
+#ifdef DEBUG
HANDLE h; char *ptbuf[1],buf[MAXBUF_+1];
va_list marker;
@@ -311,6 +314,7 @@ void DebugEvent(char *b,...)
ReportEvent(h, EVENTLOG_INFORMATION_TYPE, 0, 0, NULL, 1, 0, (const char **)ptbuf, NULL);
DeregisterEventSource(h);
va_end(marker);
+#endif
}
void
@@ -482,7 +486,8 @@ KFW_get_ccache(krb5_context alt_ctx, krb5_principal principal, krb5_ccache * cc)
ccname = (char *)malloc(strlen(pname) + 5);
sprintf(ccname,"API:%s",pname);
-
+
+ DebugEvent0(ccname);
code = pkrb5_cc_resolve(ctx, ccname, cc);
} else {
code = pkrb5_cc_default(ctx, cc);
@@ -685,56 +690,47 @@ KFW_get_cred( char * username,
{
krb5_context ctx = 0;
krb5_ccache cc = 0;
- char * realm = 0, * userrealm = 0;
- int free_realm = 0;
+ char * realm = 0;
krb5_principal principal = 0;
char * pname = 0;
krb5_error_code code;
- if (!pkrb5_init_context)
+ if (!pkrb5_init_context || !username || !password)
return 0;
- if ( IsDebuggerPresent() ) {
- OutputDebugString("KFW_get_cred for token ");
- OutputDebugString(username);
- OutputDebugString("\n");
- }
+ DebugEvent0(username);
code = pkrb5_init_context(&ctx);
if ( code ) goto cleanup;
code = pkrb5_get_default_realm(ctx, &realm);
- userrealm = strchr(username,'@');
if (realm) {
- free_realm = 1;
pname = malloc(strlen(username) + strlen(realm) + 2);
- userrealm = strchr(pname, '@');
- userrealm++;
- strcat(userrealm, realm);
+ if (!pname)
+ goto cleanup;
+ strcpy(pname, username);
+ strcat(pname, "@");
+ strcat(pname, realm);
} else {
- pname = strdup(username);
- userrealm = strchr(pname, '@');
- userrealm++;
- realm = userrealm;
+ goto cleanup;
}
- if ( IsDebuggerPresent() ) {
- OutputDebugString("Realm: ");
- OutputDebugString(realm);
- OutputDebugString("\n");
- }
+ DebugEvent0(realm);
+ DebugEvent0(pname);
code = pkrb5_parse_name(ctx, pname, &principal);
if ( code ) goto cleanup;
+ DebugEvent0("parsed name");
code = KFW_get_ccache(ctx, principal, &cc);
if ( code ) goto cleanup;
+ DebugEvent0("got ccache");
if ( lifetime == 0 )
lifetime = pLeash_get_default_lifetime();
- if ( password && password[0] ) {
+ if ( password[0] ) {
code = KFW_kinit( ctx, cc, HWND_DESKTOP,
pname,
password,
@@ -744,17 +740,15 @@ KFW_get_cred( char * username,
pLeash_get_default_renewable() ? pLeash_get_default_renew_till() : 0,
pLeash_get_default_noaddresses(),
pLeash_get_default_publicip());
- if ( IsDebuggerPresent() ) {
- char message[256];
- sprintf(message,"KFW_kinit() returns: %d\n",code);
- OutputDebugString(message);
- }
+ DebugEvent0("kinit returned");
if ( code ) goto cleanup;
}
cleanup:
if ( pname )
free(pname);
+ if ( realm )
+ pkrb5_free_default_realm(ctx, realm);
if ( cc )
pkrb5_cc_close(ctx, cc);
@@ -784,8 +778,11 @@ KFW_copy_cache_to_system_file(char * user, char * szLogonId)
GetWindowsDirectory(filename, sizeof(filename));
}
- if ( strlen(filename) + strlen(szLogonId) + 2 > sizeof(filename) )
+ DebugEvent0(filename);
+ if ( strlen(filename) + strlen(szLogonId) + 2 > sizeof(filename) ) {
+ DebugEvent0("filename buffer too small");
return;
+ }
strcat(filename, "\\");
strcat(filename, szLogonId);
@@ -795,7 +792,7 @@ KFW_copy_cache_to_system_file(char * user, char * szLogonId)
DeleteFile(filename);
code = pkrb5_init_context(&ctx);
- if (code) ctx = 0;
+ if (code) goto cleanup;
code = pkrb5_parse_name(ctx, user, &princ);
if (code) goto cleanup;
@@ -902,12 +899,6 @@ KFW_destroy_tickets_for_principal(char * user)
if (!pkrb5_init_context)
return 0;
- if ( IsDebuggerPresent() ) {
- OutputDebugString("KFW_destroy_tickets_for_user: ");
- OutputDebugString(user);
- OutputDebugString("\n");
- }
-
code = pkrb5_init_context(&ctx);
if (code) ctx = 0;
diff --git a/src/windows/kfwlogon/kfwlogon.c b/src/windows/kfwlogon/kfwlogon.c
index 70b623483..eddf27341 100644
--- a/src/windows/kfwlogon/kfwlogon.c
+++ b/src/windows/kfwlogon/kfwlogon.c
@@ -147,8 +147,11 @@ DWORD APIENTRY NPLogonNotify(
if ( wcscmp(lpAuthentInfoType,L"MSV1_0:Interactive") &&
wcscmp(lpAuthentInfoType,L"Kerberos:Interactive") )
{
- DebugEvent("Unsupported Authentication Info Type: %S",
- lpAuthentInfoType);
+ char msg[64];
+ WideCharToMultiByte(CP_ACP, 0, lpAuthentInfoType, 0,
+ msg, sizeof(msg), NULL, NULL);
+ msg[sizeof(msg)-1]='\0';
+ DebugEvent("NPLogonNotify - Unsupported Authentication Info Type: %s", msg);
return 0;
}
@@ -164,7 +167,7 @@ DWORD APIENTRY NPLogonNotify(
UnicodeStringToANSI(IL->Password, password, MAX_PASSWORD_LENGTH);
UnicodeStringToANSI(IL->LogonDomainName, logonDomain, MAX_DOMAIN_LENGTH);
- /* Make sure AD-DOMANS sent from login that is sent to us is stripped */
+ /* Make sure AD-DOMAINS sent from login that is sent to us is stripped */
ctemp = strchr(uname, '@');
if (ctemp) *ctemp = 0;
@@ -177,13 +180,15 @@ DWORD APIENTRY NPLogonNotify(
}
code = KFW_get_cred(uname, password, 0, &reason);
- DebugEvent("KFW_get_cred uname=[%s] code=[%d]",uname, code);
+ DebugEvent("NPLogonNotify - KFW_get_cred uname=[%s] code=[%d]",uname, code);
/* remove any kerberos 5 tickets currently held by the SYSTEM account
* for this user
*/
- sprintf(szLogonId,"kfwlogon-%d.%d",lpLogonId->HighPart, lpLogonId->LowPart);
- KFW_copy_cache_to_system_file(uname, szLogonId);
+ if (!code) {
+ sprintf(szLogonId,"kfwlogon-%d.%d",lpLogonId->HighPart, lpLogonId->LowPart);
+ KFW_copy_cache_to_system_file(uname, szLogonId);
+ }
KFW_destroy_tickets_for_principal(uname);
@@ -202,6 +207,11 @@ DWORD APIENTRY NPLogonNotify(
SetLastError(code);
}
+ if (code)
+ DebugEvent0("NPLogonNotify failure");
+ else
+ DebugEvent0("NPLogonNotify success");
+
return code;
}