diff options
| author | gtb <none@none> | 2008-05-01 15:29:41 -0700 |
|---|---|---|
| committer | gtb <none@none> | 2008-05-01 15:29:41 -0700 |
| commit | 32885d593baf8bac788fa78885893a51b3ad0f28 (patch) | |
| tree | 180b4917d7dde90eb20e652a4030b2775b1cda85 /usr/src/cmd/cmd-inet/usr.sbin/in.telnetd.c | |
| parent | b54157c1b1bf9673e4da8b526477d59202cd08a6 (diff) | |
| download | illumos-joyent-32885d593baf8bac788fa78885893a51b3ad0f28.tar.gz | |
6516568 Warning messages still being displayed on krb ccache ownership
6574888 Principals using delegated credentials are not being registered with ktkt_warnd for auto-renewal
6689008 kwarn_add_warning should not output errors to stderr
Diffstat (limited to 'usr/src/cmd/cmd-inet/usr.sbin/in.telnetd.c')
| -rw-r--r-- | usr/src/cmd/cmd-inet/usr.sbin/in.telnetd.c | 26 |
1 files changed, 23 insertions, 3 deletions
diff --git a/usr/src/cmd/cmd-inet/usr.sbin/in.telnetd.c b/usr/src/cmd/cmd-inet/usr.sbin/in.telnetd.c index abab7ec700..afffb546cd 100644 --- a/usr/src/cmd/cmd-inet/usr.sbin/in.telnetd.c +++ b/usr/src/cmd/cmd-inet/usr.sbin/in.telnetd.c @@ -20,7 +20,7 @@ */ /* - * Copyright 2007 Sun Microsystems, Inc. All rights reserved. + * Copyright 2008 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -156,10 +156,12 @@ static char subbuffer[4096], *subpointer = subbuffer, *subend = subbuffer; #define SB_EOF() (subpointer >= subend) #define SB_LEN() (subend - subpointer) -#define MAXCCACHENAMELEN 36 #define MAXERRSTRLEN 1024 #define MAXPRINCLEN 256 +extern uint_t kwarn_add_warning(char *, int); +extern uint_t kwarn_del_warning(char *); + static boolean_t auth_debug = 0; static boolean_t negotiate_auth_krb5 = 1; static boolean_t auth_negotiated = 0; @@ -465,8 +467,9 @@ rd_and_store_forwarded_creds(krb5_context context, { krb5_creds **creds; krb5_error_code retval; - char ccname[MAXCCACHENAMELEN]; + char ccname[MAXPATHLEN]; krb5_ccache ccache = NULL; + char *client_name = NULL; if (retval = krb5_rd_cred(context, auth_context, inbuf, &creds, NULL)) return (retval); @@ -487,6 +490,23 @@ rd_and_store_forwarded_creds(krb5_context context, if ((retval = krb5_cc_close(context, ccache)) != 0) goto cleanup; + /* Register with ktkt_warnd(1M) */ + if ((retval = krb5_unparse_name(context, (*creds)->client, + &client_name)) != 0) + goto cleanup; + (void) kwarn_del_warning(client_name); + if (kwarn_add_warning(client_name, (*creds)->times.endtime) != 0) { + syslog(LOG_AUTH|LOG_NOTICE, + "rd_and_store_forwarded_creds: kwarn_add_warning" + " failed: ktkt_warnd(1M) down? "); + if (auth_debug) + (void) fprintf(stderr, + "kwarn_add_warning failed:" + " ktkt_warnd(1M) down?\n"); + } + free(client_name); + client_name = NULL; + if (username != NULL) { /* * This verifies that the user is valid on the local system, |