Tru64 auth updates (from trunk).

diff --git a/NEWS b/NEWS
index 49bf27819a4a987fb9212535bc4ee11ddff440fd..f7545c00899160b369572adf9608c910c9295a2f 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,7 @@ Changes from 1.5.2
        with _no_ shell.  Also, send a log message if a user is refused login
        based on the fact that they have no shell.
 * UPD: Autoconf updates.
+* UPD: Tru64 afpd authentication updates.
 * FIX: Problems with Photoshop trying to open image files has been
        corrected.
 * FIX: Preserve special permission bits when creating or modifying

diff --git a/etc/afpd/uam.c b/etc/afpd/uam.c
index a07787d8d061d0aad7a576b834ead48b549bf092..7eb680f8a3cd2f0a2065aaa7c5002a1dbdb1b6fa 100644 (file)
--- a/etc/afpd/uam.c
+++ b/etc/afpd/uam.c
@@ -1,5 +1,5 @@
 /*
- * $Id: uam.c,v 1.15.2.3 2002-03-11 17:54:44 jmarcus Exp $
+ * $Id: uam.c,v 1.15.2.4 2002-03-12 15:21:12 srittau Exp $
  *
  * Copyright (c) 1999 Adrian Sun (asun@zoology.washington.edu)
  * All Rights Reserved.  See COPYRIGHT.
@@ -58,6 +58,9 @@ char *strchr (), *strrchr ();
 
 #ifdef TRU64
 #include <netdb.h>
+#include <sia.h>
+#include <siad.h>
+#include <signal.h>
 #endif /* TRU64 */
 
 /* --- server uam functions -- */
@@ -434,6 +437,48 @@ void uam_afp_getcmdline( int *ac, char ***av )
 {
     afp_get_cmdline( ac, av );
 }
+
+int uam_sia_validate_user(sia_collect_func_t * collect, int argc, char **argv,
+                         char *hostname, char *username, char *tty,
+                         int colinput, char *gssapi, char *passphrase)
+/* A clone of the Tru64 system function sia_validate_user() that calls
+ * sia_ses_authent() rather than sia_ses_reauthent()   
+ * Added extra code to take into account suspected SIA bug whereby it clobbers
+ * the signal handler on SIGALRM (tickle) installed by Netatalk/afpd
+ */
+{
+       SIAENTITY *entity = NULL;
+       struct sigaction act;
+       int rc;
+
+       if ((rc=sia_ses_init(&entity, argc, argv, hostname, username, tty,
+                            colinput, gssapi)) != SIASUCCESS) {
+               LOG(log_error, logtype_default, "cannot initialise SIA");
+               return SIAFAIL;
+       }
+
+       /* save old action for restoration later */
+       if (sigaction(SIGALRM, NULL, &act))
+               LOG(log_error, logtype_default, "cannot save SIGALRM handler");
+
+       if ((rc=sia_ses_authent(collect, passphrase, entity)) != SIASUCCESS) {
+               /* restore old action after clobbering by sia_ses_authent() */
+               if (sigaction(SIGALRM, &act, NULL))
+                       LOG(log_error, logtype_default, "cannot restore SIGALRM +
+               LOG(log_info, logtype_default, "unsuccessful login for %s",
+(hostname?hostname:"(null)"));
+               return SIAFAIL;
+       }
+       LOG(log_info, logtype_default, "successful login for %s",
+(hostname?hostname:"(null)"));
+
+       /* restore old action after clobbering by sia_ses_authent() */   
+       if (sigaction(SIGALRM, &act, NULL))
+               LOG(log_error, logtype_default, "cannot restore SIGALRM handler"+
+       sia_ses_release(&entity);
+
+       return SIASUCCESS;
+}
 #endif /* TRU64 */
 
 /* --- papd-specific functions (just placeholders) --- */