KFW Network Provider updates for KFW 3.0 Beta 3

Wrap debugging statements 

Fix bug in KFW_get_cred that prevents acquisition of 
credentials.

ticket: new
component: windows
status: resolved
target_version: 1.4.4
tags: pullup 

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17534 dc483132-0cff-0310-8789-dd5450dbe970

2 files changed, 44 insertions, 43 deletions

diff --git a/src/windows/kfwlogon/kfwcommon.c b/src/windows/kfwlogon/kfwcommon.c
index 4074d0da92..251e1436b7 100644
--- a/src/windows/kfwlogon/kfwcommon.c
+++ b/src/windows/kfwlogon/kfwcommon.c
@@ -289,17 +289,20 @@ static HANDLE hDLL;
 

 void DebugEvent0(char *a) 

 {

+#ifdef DEBUG

     HANDLE h; char *ptbuf[1];

     

     h = RegisterEventSource(NULL, KFW_LOGON_EVENT_NAME);

     ptbuf[0] = a;

     ReportEvent(h, EVENTLOG_INFORMATION_TYPE, 0, 0, NULL, 1, 0, (const char **)ptbuf, NULL);

     DeregisterEventSource(h);

+#endif

 }

 

 #define MAXBUF_ 512

 void DebugEvent(char *b,...) 

 {

+#ifdef DEBUG

     HANDLE h; char *ptbuf[1],buf[MAXBUF_+1];

     va_list marker;

 

@@ -311,6 +314,7 @@ void DebugEvent(char *b,...)
     ReportEvent(h, EVENTLOG_INFORMATION_TYPE, 0, 0, NULL, 1, 0, (const char **)ptbuf, NULL);

     DeregisterEventSource(h);

     va_end(marker);

+#endif

 }

 

 void

@@ -482,7 +486,8 @@ KFW_get_ccache(krb5_context alt_ctx, krb5_principal principal, krb5_ccache * cc)
 

 	ccname = (char *)malloc(strlen(pname) + 5);

 	sprintf(ccname,"API:%s",pname);

-        

+

+	DebugEvent0(ccname);

 	code = pkrb5_cc_resolve(ctx, ccname, cc);

     } else {

         code = pkrb5_cc_default(ctx, cc);

@@ -685,56 +690,47 @@ KFW_get_cred( char * username,
 {

     krb5_context ctx = 0;

     krb5_ccache cc = 0;

-    char * realm = 0, * userrealm = 0;

-    int free_realm = 0;

+    char * realm = 0;

     krb5_principal principal = 0;

     char * pname = 0;

     krb5_error_code code;

 

-    if (!pkrb5_init_context)

+    if (!pkrb5_init_context || !username || !password)

         return 0;

 

-    if ( IsDebuggerPresent() ) {

-        OutputDebugString("KFW_get_cred for token ");

-        OutputDebugString(username);

-        OutputDebugString("\n");

-    }

+    DebugEvent0(username);

 

     code = pkrb5_init_context(&ctx);

     if ( code ) goto cleanup;

 

     code = pkrb5_get_default_realm(ctx, &realm);

 

-    userrealm = strchr(username,'@');

     if (realm) {

-	free_realm = 1;

         pname = malloc(strlen(username) + strlen(realm) + 2);

-        userrealm = strchr(pname, '@');

-        userrealm++;

-	strcat(userrealm, realm);

+	if (!pname)

+	    goto cleanup;

+	strcpy(pname, username);

+	strcat(pname, "@");

+	strcat(pname, realm);

     } else {

-        pname = strdup(username);

-        userrealm = strchr(pname, '@');

-        userrealm++;

-	realm = userrealm;

+	goto cleanup;

     }

     

-    if ( IsDebuggerPresent() ) {

-        OutputDebugString("Realm: ");

-        OutputDebugString(realm);

-        OutputDebugString("\n");

-    }

+    DebugEvent0(realm);

+    DebugEvent0(pname);

 

     code = pkrb5_parse_name(ctx, pname, &principal);

     if ( code ) goto cleanup;

 

+    DebugEvent0("parsed name");

     code = KFW_get_ccache(ctx, principal, &cc);

     if ( code ) goto cleanup;

 

+    DebugEvent0("got ccache");

     if ( lifetime == 0 )

         lifetime = pLeash_get_default_lifetime();

 

-    if ( password && password[0] ) {

+    if ( password[0] ) {

         code = KFW_kinit( ctx, cc, HWND_DESKTOP, 

                           pname, 

                           password,

@@ -744,17 +740,15 @@ KFW_get_cred( char * username,
                           pLeash_get_default_renewable() ? pLeash_get_default_renew_till() : 0,

                           pLeash_get_default_noaddresses(),

                           pLeash_get_default_publicip());

-        if ( IsDebuggerPresent() ) {

-            char message[256];

-            sprintf(message,"KFW_kinit() returns: %d\n",code);

-            OutputDebugString(message);

-        }

+	DebugEvent0("kinit returned");

         if ( code ) goto cleanup;

     }

 

   cleanup:

     if ( pname )

         free(pname);

+    if ( realm )

+	pkrb5_free_default_realm(ctx, realm);

     if ( cc )

         pkrb5_cc_close(ctx, cc);

 

@@ -784,8 +778,11 @@ KFW_copy_cache_to_system_file(char * user, char * szLogonId)
         GetWindowsDirectory(filename, sizeof(filename));

     }

 

-    if ( strlen(filename) + strlen(szLogonId) + 2 > sizeof(filename) )

+    DebugEvent0(filename);

+    if ( strlen(filename) + strlen(szLogonId) + 2 > sizeof(filename) ) {

+	DebugEvent0("filename buffer too small");

         return;

+    }

 

     strcat(filename, "\\");

     strcat(filename, szLogonId);    

@@ -795,7 +792,7 @@ KFW_copy_cache_to_system_file(char * user, char * szLogonId)
     DeleteFile(filename);

 

     code = pkrb5_init_context(&ctx);

-    if (code) ctx = 0;

+    if (code) goto cleanup;

 

     code = pkrb5_parse_name(ctx, user, &princ);

     if (code) goto cleanup;

@@ -902,12 +899,6 @@ KFW_destroy_tickets_for_principal(char * user)
     if (!pkrb5_init_context)

         return 0;

 

-    if ( IsDebuggerPresent() ) {

-        OutputDebugString("KFW_destroy_tickets_for_user: ");

-        OutputDebugString(user);

-        OutputDebugString("\n");

-    }

-

     code = pkrb5_init_context(&ctx);

     if (code) ctx = 0;

 

diff --git a/src/windows/kfwlogon/kfwlogon.c b/src/windows/kfwlogon/kfwlogon.c
index 70b6234830..eddf273412 100644
--- a/src/windows/kfwlogon/kfwlogon.c
+++ b/src/windows/kfwlogon/kfwlogon.c
@@ -147,8 +147,11 @@ DWORD APIENTRY NPLogonNotify(
     if ( wcscmp(lpAuthentInfoType,L"MSV1_0:Interactive") && 

          wcscmp(lpAuthentInfoType,L"Kerberos:Interactive") )

     {

-        DebugEvent("Unsupported Authentication Info Type: %S",

-                   lpAuthentInfoType);

+	char msg[64];

+	WideCharToMultiByte(CP_ACP, 0, lpAuthentInfoType, 0, 

+			    msg, sizeof(msg), NULL, NULL);

+	msg[sizeof(msg)-1]='\0';

+        DebugEvent("NPLogonNotify - Unsupported Authentication Info Type: %s", msg);

         return 0;

     }

 

@@ -164,7 +167,7 @@ DWORD APIENTRY NPLogonNotify(
     UnicodeStringToANSI(IL->Password, password, MAX_PASSWORD_LENGTH);

     UnicodeStringToANSI(IL->LogonDomainName, logonDomain, MAX_DOMAIN_LENGTH);

 

-    /* Make sure AD-DOMANS sent from login that is sent to us is stripped */

+    /* Make sure AD-DOMAINS sent from login that is sent to us is stripped */

     ctemp = strchr(uname, '@');

     if (ctemp) *ctemp = 0;

 

@@ -177,13 +180,15 @@ DWORD APIENTRY NPLogonNotify(
     }

 

     code = KFW_get_cred(uname, password, 0, &reason);

-    DebugEvent("KFW_get_cred  uname=[%s] code=[%d]",uname, code);

+    DebugEvent("NPLogonNotify - KFW_get_cred  uname=[%s] code=[%d]",uname, code);

     

     /* remove any kerberos 5 tickets currently held by the SYSTEM account

      * for this user 

      */

-    sprintf(szLogonId,"kfwlogon-%d.%d",lpLogonId->HighPart, lpLogonId->LowPart);

-    KFW_copy_cache_to_system_file(uname, szLogonId);

+    if (!code) {

+	sprintf(szLogonId,"kfwlogon-%d.%d",lpLogonId->HighPart, lpLogonId->LowPart);

+	KFW_copy_cache_to_system_file(uname, szLogonId);

+    }

 

     KFW_destroy_tickets_for_principal(uname);

 

@@ -202,6 +207,11 @@ DWORD APIENTRY NPLogonNotify(
         SetLastError(code);

     }

 

+    if (code)

+	DebugEvent0("NPLogonNotify failure");

+    else

+	DebugEvent0("NPLogonNotify success");

+

     return code;

 }