Provide support for Kerberos-only accounts.

diff --git a/reg_svr/reg_svr.h b/reg_svr/reg_svr.h
index 42d74727b5eb5f6ad0d15c9309df6c05dcfe0ccf..516bae9d1138aca0944c043f8e421bb653cda5d6 100644 (file)
--- a/reg_svr/reg_svr.h
+++ b/reg_svr/reg_svr.h
@@ -17,6 +17,7 @@ typedef struct reg_client {
   char *username;                      /* desired username. set by LOGN */
   int reserved_username;               /* if username wasn't picked by user */
   unsigned short *random;              /* random state */
+  int user_status;                      /* Status of account */
 } reg_client;
 
 void RIFO(reg_client *rc, int argc, char **argv);

diff --git a/reg_svr/reg_svr.pc b/reg_svr/reg_svr.pc
index 60079c4e83127d12b956eabc7ddd849db4c9f050..e5a6cd931c1e0a576a533f1694f6811cf5ff45a5 100644 (file)
--- a/reg_svr/reg_svr.pc
+++ b/reg_svr/reg_svr.pc
@@ -301,7 +301,7 @@ void RIFO(reg_client *rc, int argc, char **argv)
   char middle[USERS_MIDDLE_SIZE], last[USERS_LAST_SIZE];
   char fullname[USERS_FIRST_SIZE + USERS_MIDDLE_SIZE + USERS_LAST_SIZE];
   char class[USERS_TYPE_SIZE], pin[USERS_PIN_SIZE];
-  int uid, status, secure, sqlstatus, string_id;
+  int uid, status, secure, sqlstatus;
   EXEC SQL END DECLARE SECTION;
 
   if (rc->uid || argc != 4)
@@ -365,6 +365,7 @@ void RIFO(reg_client *rc, int argc, char **argv)
     case US_REGISTERED:
     case US_ENROLLED:
     case US_ENROLL_NOT_ALLOWED:
+    case US_REGISTERED_KERBEROS_ONLY:
       reply(rc, ALREADY_REGISTERED, "INIT", "c", NULL, login);
       return;
 
@@ -380,6 +381,7 @@ void RIFO(reg_client *rc, int argc, char **argv)
       break;
     }
 
+  rc->user_status = status;
   rc->uid = uid;
   sprintf(fullname, "%s %s%s%s", first, middle, *middle ? " " : "", last);
   if (!strcmp(class, "MITS"))
@@ -427,19 +429,13 @@ void RIFO(reg_client *rc, int argc, char **argv)
     reply(rc, FOUND, "GETL", "c", rc->suggestions, fullname, class);
   else
     {
-      if (status == US_NO_LOGIN_YET)
+      if (rc->user_status == US_NO_LOGIN_YET || 
+         rc->user_status == US_NO_LOGIN_YET_KERBEROS_ONLY)
        {
          status = check_kerberos(login);
-         if (status == MR_SUCCESS)
-           if (!strcmp(class, "LINCOLN"))
-             {
-               EXEC SQL SELECT string_id INTO :string_id FROM strings
-                 WHERE string = 'LINCOLN: no pobox or filesys';
-               EXEC SQL UPDATE users SET comments = :string_id 
-                 WHERE login = :login;
-             }
-           else
-             status = register_user(rc->uid, login);
+         if (status == MR_SUCCESS && 
+             rc->user_status != US_NO_LOGIN_YET_KERBEROS_ONLY)
+           status = register_user(rc->uid, login);
          if (status == MR_IN_USE)
            {
              reply(rc, RESERVED_USERNAME_UNAVAILABLE, "INIT", "c", NULL, 
@@ -563,8 +559,12 @@ void LOGN(reg_client *rc, int argc, char **argv)
 
   status = check_kerberos(login);
   if (status == MR_SUCCESS)
-    status = register_user(rc->uid, login);
-
+    {
+      if (rc->user_status == US_NO_LOGIN_YET_KERBEROS_ONLY)
+       EXEC SQL UPDATE users SET login = :login WHERE unix_uid = :rc->uid;
+      else
+       status = register_user(rc->uid, login);
+    }
   if (status == MR_IN_USE)
     {
       if (rc->reserved_username)
@@ -679,7 +679,11 @@ void PSWD(reg_client *rc, int argc, char **argv)
       reply(rc, KADM_ERROR, "INIT", "c", NULL, error_message(status));
       return;
     }
-  EXEC SQL UPDATE users SET status = 1 WHERE login = :login;
+  
+  if (rc->user_status == US_NO_LOGIN_YET_KERBEROS_ONLY)
+    EXEC SQL UPDATE users SET status = 9 WHERE login = :login;
+  else
+    EXEC SQL UPDATE users SET status = 1 WHERE login = :login;
   EXEC SQL COMMIT;
 
   reply(rc, DONE, "INIT", "c", NULL, rc->username);