kwarnd_proc.c (faebf794) kwarnd_proc.c (24da5b34)
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE

--- 5 unchanged lines hidden (view full) ---

14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE

--- 5 unchanged lines hidden (view full) ---

14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#pragma ident "%Z%%M% %I% %E% SMI"
27
28/*
29 * RPC server procedures for the usermode daemon kwarnd.
30 */

--- 636 unchanged lines hidden (view full) ---

667 (void) close(fd[1]);
668 return (NULL);
669 }
670 return (fp);
671 }
672}
673
674
23 * Use is subject to license terms.
24 */
25
26#pragma ident "%Z%%M% %I% %E% SMI"
27
28/*
29 * RPC server procedures for the usermode daemon kwarnd.
30 */

--- 636 unchanged lines hidden (view full) ---

667 (void) close(fd[1]);
668 return (NULL);
669 }
670 return (fp);
671 }
672}
673
674
675static uid_t gssd_uid;
675static uid_t krb5_cc_uid;
676
677void
678set_warnd_uid(uid_t uid)
679{
676
677void
678set_warnd_uid(uid_t uid)
679{
680
681 /*
680 /*
682 * set the value of gssd_uid, so it can be retrieved when getuid()
683 * is called by the underlying mechanism libraries
681 * set the value of krb5_cc_uid, so it can be retrieved when
682 * app_krb5_user_uid() is called by the underlying mechanism libraries.
684 */
685 if (kwarnd_debug)
686 printf("set_warnd_uid called with uid = %d\n", uid);
683 */
684 if (kwarnd_debug)
685 printf("set_warnd_uid called with uid = %d\n", uid);
687
688 gssd_uid = uid;
686 krb5_cc_uid = uid;
689}
690
691uid_t
687}
688
689uid_t
692getuid(void)
693
690app_krb5_user_uid(void)
694{
695
696 /*
691{
692
693 /*
697 * return the value set when one of the gssd procedures was
694 * return the value set when one of the kwarnd procedures was
698 * entered. This is the value of the uid under which the
699 * underlying mechanism library must operate in order to
700 * get the user's credentials. This call is necessary since
695 * entered. This is the value of the uid under which the
696 * underlying mechanism library must operate in order to
697 * get the user's credentials. This call is necessary since
701 * gssd runs as root and credentials are many times stored
698 * kwarnd runs as root and credentials are many times stored
702 * in files and directories specific to the user
703 */
704 if (kwarnd_debug)
699 * in files and directories specific to the user
700 */
701 if (kwarnd_debug)
705 printf("getuid called and returning gsssd_uid = %d\n",
706 gssd_uid);
707
708 return (gssd_uid);
702 printf("app_krb5_user_uid called and returning uid = %d\n",
703 krb5_cc_uid);
704 return (krb5_cc_uid);
709}
710
711
712static bool_t
713getpruid(char *pr, uid_t *uid)
714{
715 char *rcp1 = NULL, *rcp2 = NULL, *rcp3 = NULL;
716 struct passwd *pw;

--- 20 unchanged lines hidden (view full) ---

737renew_creds(
738 char *princ,
739 time_t *new_exp_time) /* out */
740{
741 krb5_creds my_creds;
742 krb5_error_code code = 0;
743 struct k5_data k5;
744
705}
706
707
708static bool_t
709getpruid(char *pr, uid_t *uid)
710{
711 char *rcp1 = NULL, *rcp2 = NULL, *rcp3 = NULL;
712 struct passwd *pw;

--- 20 unchanged lines hidden (view full) ---

733renew_creds(
734 char *princ,
735 time_t *new_exp_time) /* out */
736{
737 krb5_creds my_creds;
738 krb5_error_code code = 0;
739 struct k5_data k5;
740
745 uid_t saved_u = getuid();
741 uid_t saved_u = app_krb5_user_uid();
746 uid_t u;
747
748 if (kwarnd_debug)
742 uid_t u;
743
744 if (kwarnd_debug)
749 printf("renew start: uid=%d\n", getuid());
745 printf("renew start: uid=%d\n", app_krb5_user_uid());
750
751 if (!getpruid(princ, &u)) {
752 if (kwarnd_debug)
753 printf("renew: getpruid failed, princ='%s'\n",
754 princ ? princ : "<null>");
755
756 return (-1); /* better err num? */
757 }

--- 54 unchanged lines hidden (view full) ---

812 krb5_cc_close(k5.ctx, k5.cc);
813 if (k5.ctx)
814 krb5_free_context(k5.ctx);
815
816 set_warnd_uid(saved_u);
817
818 if (kwarnd_debug)
819 printf("renew end: code=%s, uid=%d\n", error_message(code),
746
747 if (!getpruid(princ, &u)) {
748 if (kwarnd_debug)
749 printf("renew: getpruid failed, princ='%s'\n",
750 princ ? princ : "<null>");
751
752 return (-1); /* better err num? */
753 }

--- 54 unchanged lines hidden (view full) ---

808 krb5_cc_close(k5.ctx, k5.cc);
809 if (k5.ctx)
810 krb5_free_context(k5.ctx);
811
812 set_warnd_uid(saved_u);
813
814 if (kwarnd_debug)
815 printf("renew end: code=%s, uid=%d\n", error_message(code),
820 getuid());
816 app_krb5_user_uid());
821
822 return (code);
823}
824
825static bool_t
826loggedon(char *name)
827{
828 register struct utmpx *ubuf;

--- 49 unchanged lines hidden (view full) ---

878 int minutes;
879 char buff[256];
880 char cmdline[256];
881 FILE *fp;
882 char *subj = "Kerberos credentials expiring";
883 char *renew_subj = "Kerberos credentials renewed";
884
885 if (kwarnd_debug)
817
818 return (code);
819}
820
821static bool_t
822loggedon(char *name)
823{
824 register struct utmpx *ubuf;

--- 49 unchanged lines hidden (view full) ---

874 int minutes;
875 char buff[256];
876 char cmdline[256];
877 FILE *fp;
878 char *subj = "Kerberos credentials expiring";
879 char *renew_subj = "Kerberos credentials renewed";
880
881 if (kwarnd_debug)
886 printf("check list: start: getuid=%d, cw list=%p\n", getuid(),
887 cred_warning_list);
882 printf("check list: start: uid=%d, cw list=%p\n",
883 app_krb5_user_uid(), cred_warning_list);
888
889 while (1) {
890 (void) poll(NULL, NULL, 60000);
891
892 for (cw = cred_warning_list;
893 cw != NULL;
894 cw = cw->next) {
895 int send_msg = 0;

--- 209 unchanged lines hidden ---
884
885 while (1) {
886 (void) poll(NULL, NULL, 60000);
887
888 for (cw = cred_warning_list;
889 cw != NULL;
890 cw = cw->next) {
891 int send_msg = 0;

--- 209 unchanged lines hidden ---
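Review bot: `krb5_cc_uid` is a plain file-scope static that `set_warnd_uid()` writes and `app_krb5_user_uid()` reads without any locking, and `renew_creds()` relies on it not changing between `saved_u = app_krb5_user_uid()` and the closing `set_warnd_uid(saved_u)`. If the warning-list loop and the RPC procedures can run on different threads (not visible in this section), one of them could change the uid the Kerberos library uses to locate credentials while the other is mid-operation, in a daemon the comment says runs as root. Either document the serialization assumption on the variable, e.g. `/* uid whose credentials the krb5 library should use; process-wide, callers must be serialized */`, or make the value thread-specific. Separately, the daemon no longer defines its own `getuid()`, so any library path that still calls `getuid()` would now see the daemon's real uid instead of the user's; the rename should land together with the library-side switch to `app_krb5_user_uid()`. Most of `renew_creds()` and of the list-check function is hidden, so the paths between the save and the restore could not be checked.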