From: zacheiss Date: Fri, 29 Mar 2002 02:23:33 +0000 (+0000) Subject: Provide support for Kerberos-only accounts. X-Git-Url: http://andersk.mit.edu/gitweb/moira.git/commitdiff_plain/9d5ca0f42e9d5910e43377b52d0a0d1fe08a33af Provide support for Kerberos-only accounts. --- diff --git a/reg_svr/reg_svr.h b/reg_svr/reg_svr.h index 42d74727..516bae9d 100644 --- a/reg_svr/reg_svr.h +++ b/reg_svr/reg_svr.h @@ -17,6 +17,7 @@ typedef struct reg_client { char *username; /* desired username. set by LOGN */ int reserved_username; /* if username wasn't picked by user */ unsigned short *random; /* random state */ + int user_status; /* Status of account */ } reg_client; void RIFO(reg_client *rc, int argc, char **argv); diff --git a/reg_svr/reg_svr.pc b/reg_svr/reg_svr.pc index 60079c4e..e5a6cd93 100644 --- a/reg_svr/reg_svr.pc +++ b/reg_svr/reg_svr.pc @@ -301,7 +301,7 @@ void RIFO(reg_client *rc, int argc, char **argv) char middle[USERS_MIDDLE_SIZE], last[USERS_LAST_SIZE]; char fullname[USERS_FIRST_SIZE + USERS_MIDDLE_SIZE + USERS_LAST_SIZE]; char class[USERS_TYPE_SIZE], pin[USERS_PIN_SIZE]; - int uid, status, secure, sqlstatus, string_id; + int uid, status, secure, sqlstatus; EXEC SQL END DECLARE SECTION; if (rc->uid || argc != 4) @@ -365,6 +365,7 @@ void RIFO(reg_client *rc, int argc, char **argv) case US_REGISTERED: case US_ENROLLED: case US_ENROLL_NOT_ALLOWED: + case US_REGISTERED_KERBEROS_ONLY: reply(rc, ALREADY_REGISTERED, "INIT", "c", NULL, login); return; @@ -380,6 +381,7 @@ void RIFO(reg_client *rc, int argc, char **argv) break; } + rc->user_status = status; rc->uid = uid; sprintf(fullname, "%s %s%s%s", first, middle, *middle ? " " : "", last); if (!strcmp(class, "MITS")) @@ -427,19 +429,13 @@ void RIFO(reg_client *rc, int argc, char **argv) reply(rc, FOUND, "GETL", "c", rc->suggestions, fullname, class); else { - if (status == US_NO_LOGIN_YET) + if (rc->user_status == US_NO_LOGIN_YET || + rc->user_status == US_NO_LOGIN_YET_KERBEROS_ONLY) { status = check_kerberos(login); - if (status == MR_SUCCESS) - if (!strcmp(class, "LINCOLN")) - { - EXEC SQL SELECT string_id INTO :string_id FROM strings - WHERE string = 'LINCOLN: no pobox or filesys'; - EXEC SQL UPDATE users SET comments = :string_id - WHERE login = :login; - } - else - status = register_user(rc->uid, login); + if (status == MR_SUCCESS && + rc->user_status != US_NO_LOGIN_YET_KERBEROS_ONLY) + status = register_user(rc->uid, login); if (status == MR_IN_USE) { reply(rc, RESERVED_USERNAME_UNAVAILABLE, "INIT", "c", NULL, @@ -563,8 +559,12 @@ void LOGN(reg_client *rc, int argc, char **argv) status = check_kerberos(login); if (status == MR_SUCCESS) - status = register_user(rc->uid, login); - + { + if (rc->user_status == US_NO_LOGIN_YET_KERBEROS_ONLY) + EXEC SQL UPDATE users SET login = :login WHERE unix_uid = :rc->uid; + else + status = register_user(rc->uid, login); + } if (status == MR_IN_USE) { if (rc->reserved_username) @@ -679,7 +679,11 @@ void PSWD(reg_client *rc, int argc, char **argv) reply(rc, KADM_ERROR, "INIT", "c", NULL, error_message(status)); return; } - EXEC SQL UPDATE users SET status = 1 WHERE login = :login; + + if (rc->user_status == US_NO_LOGIN_YET_KERBEROS_ONLY) + EXEC SQL UPDATE users SET status = 9 WHERE login = :login; + else + EXEC SQL UPDATE users SET status = 1 WHERE login = :login; EXEC SQL COMMIT; reply(rc, DONE, "INIT", "c", NULL, rc->username);