krb5 commit: Combine username and realm in get tickets dialog
Benjamin Kaduk
kaduk at MIT.EDU
Fri Aug 24 15:55:28 EDT 2012
https://github.com/krb5/krb5/commit/1f311623467f479e6d8671c9802fe46e93aeb434
commit 1f311623467f479e6d8671c9802fe46e93aeb434
Author: Kevin Wasserman <kevin.wasserman at painless-security.com>
Date: Wed Jun 6 14:30:58 2012 -0400
Combine username and realm in get tickets dialog
Signed-off-by: Kevin Wasserman <kevin.wasserman at painless-security.com>
ticket: 7266 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
src/windows/leashdll/lsh_pwd.c | 137 +++++----------------------------------
src/windows/leashdll/lsh_pwd.rc | 40 ++++++------
2 files changed, 36 insertions(+), 141 deletions(-)
diff --git a/src/windows/leashdll/lsh_pwd.c b/src/windows/leashdll/lsh_pwd.c
index 5ea59df..e62cf5c 100644
--- a/src/windows/leashdll/lsh_pwd.c
+++ b/src/windows/leashdll/lsh_pwd.c
@@ -1475,8 +1475,7 @@ AuthenticateProc(
)
{
static POINT Position = { -1, -1 };
- static char username[LEASH_USERNAME_SZ]="";
- static char realm[LEASH_REALM_SZ]="";
+ static char principal[256]="";
static char password[256]="";
static int lifetime=0;
static int renew_till=0;
@@ -1491,7 +1490,6 @@ AuthenticateProc(
static RECT dlgRect;
static int hideDiff = 0;
static void *pAutoComplete = 0;
- char principal[256];
long realm_count = 0;
int disable_noaddresses = 0;
HWND hEditCtrl=0;
@@ -1535,7 +1533,8 @@ AuthenticateProc(
SetWindowText(hDialog, lpdi->title);
SetProp(hDialog, "HANDLES_HELP", (HANDLE)1);
-
+// @TODO: in/out principal
+/*
if ( lpdi->size >= LSH_DLGINFO_EX_V3_SZ )
lstrcpy(username, lpdi->in.username);
else if (lpdi->username)
@@ -1544,7 +1543,7 @@ AuthenticateProc(
lstrcpy(realm, lpdi->in.realm);
else if (lpdi->realm)
lstrcpy(realm, lpdi->realm);
-
+*/
if (lpdi->use_defaults) {
lifetime = Leash_get_default_lifetime();
if (lifetime <= 0)
@@ -1576,7 +1575,7 @@ AuthenticateProc(
publicip = lpdi->publicip;
}
- CSetDlgItemText(hDialog, IDC_EDIT_PRINCIPAL, username);
+ CSetDlgItemText(hDialog, IDC_EDIT_PRINCIPAL, principal);
CSetDlgItemText(hDialog, IDC_EDIT_PASSWORD, "");
#if 0 /* 20030619 - mjv wishes to return to the default character */
@@ -1584,102 +1583,6 @@ AuthenticateProc(
CSendDlgItemMessage(hDialog, IDC_EDIT_PASSWORD, EM_SETPASSWORDCHAR, 32, 0);
#endif
- /* Populate list of Realms */
- CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_RESETCONTENT, 0, 0);
- CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_LIMITTEXT, 192, 0);
-
- if (pprofile_get_subsection_names && pprofile_free_list) {
- const char* rootSection[] = {"realms", NULL};
- const char** rootsec = rootSection;
- char **sections = NULL, **cpp = NULL, *value = NULL;
-
- char krb5_conf[MAX_PATH+1];
-
- if (!GetProfileFile(krb5_conf,sizeof(krb5_conf))) {
- profile_t profile;
- long retval;
- const char *filenames[2];
-
- filenames[0] = krb5_conf;
- filenames[1] = NULL;
- retval = pprofile_init(filenames, &profile);
- if (!retval) {
- retval = pprofile_get_subsection_names(profile, rootsec, §ions);
-
- if (!retval)
- {
- for (cpp = sections; *cpp; cpp++)
- {
- CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_ADDSTRING, 0, (LPARAM)*cpp);
- realm_count++;
- }
- }
- pprofile_free_list(sections);
-
- retval = pprofile_get_string(profile, "libdefaults","noaddresses", 0, "true", &value);
- if ( value ) {
- disable_noaddresses = config_boolean_to_int(value);
- pprofile_release_string(value);
- }
-
- pprofile_release(profile);
- }
- }
- } else {
- FILE * file;
- char krb_conf[MAX_PATH+1];
- char * p;
-
- if (!GetKrb4ConFile(krb_conf,sizeof(krb_conf)) &&
- (file = fopen(krb_conf, "rt")))
- {
- char lineBuf[256];
- // Skip the default realm
- readstring(file,lineBuf,sizeof(lineBuf));
-
- // Read the defined realms
- while (TRUE)
- {
- if (readstring(file,lineBuf,sizeof(lineBuf)) < 0)
- break;
-
- if (*(lineBuf + strlen(lineBuf) - 1) == '\r')
- *(lineBuf + strlen(lineBuf) - 1) = 0;
-
- for (p=lineBuf; *p ; p++)
- {
- if (isspace(*p)) {
- *p = 0;
- break;
- }
- }
-
- if ( strncmp(".KERBEROS.OPTION.",lineBuf,17) ) {
- CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_ADDSTRING, 0, (LPARAM)lineBuf);
- realm_count++;
- }
- }
-
- fclose(file);
- }
- }
- if (realm_count == 0)
- CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_ADDSTRING, 0, (LPARAM)realm);
-
- /* Select the default Realm */
- if (!realm[0] && hKrb5) {
- krb5_context ctx=0;
- char * def = 0;
- pkrb5_init_context(&ctx);
- pkrb5_get_default_realm(ctx,&def);
- if (def) {
- lstrcpy(realm, def);
- free(def);
- }
- pkrb5_free_context(ctx);
- }
- CSetDlgItemText(hDialog, IDC_COMBO_REALM, realm);
-
/* Set Lifetime Slider
* min value = 5
* max value = 1440
@@ -1848,32 +1751,24 @@ AuthenticateProc(
{
DWORD value = 0;
- CGetDlgItemText(hDialog, IDC_EDIT_PRINCIPAL, username, sizeof(username));
+ CGetDlgItemText(hDialog, IDC_EDIT_PRINCIPAL, principal, sizeof(principal));
CGetDlgItemText(hDialog, IDC_EDIT_PASSWORD, password, sizeof(password));
- CGetDlgItemText(hDialog, IDC_COMBO_REALM, realm, sizeof(realm));
- if (!username[0])
- {
+ if (!principal[0]) {
MessageBox(hDialog,
- "You are not allowed to enter a blank username.",
- "Invalid Principal",
- MB_OK | MB_ICONSTOP);
- return TRUE;
- }
- if (!realm[0])
- {
- MessageBox(hDialog,
- "You are not allowed to enter a blank realm.",
- "Invalid Principal",
- MB_OK | MB_ICONSTOP);
+ "You are not allowed to enter a blank principal.",
+ "Invalid Principal",
+ MB_OK | MB_ICONSTOP);
return TRUE;
}
-
+ // @TODO: parse realm portion and auto-uppercase
+/*
if (Leash_get_default_uppercaserealm())
{
// found
strupr(realm);
}
+*/
if (!password[0])
{
@@ -1894,7 +1789,6 @@ AuthenticateProc(
renew_till= 0;
}
- sprintf(principal,"%s@%s",username,realm);
lsh_errno = Leash_int_kinit_ex( 0,
hDialog,
principal, password, lifetime,
@@ -1962,14 +1856,15 @@ AuthenticateProc(
Leash_set_default_forwardable(forwardable);
Leash_set_default_noaddresses(noaddresses);
}
-
+/* @TODO: out username/realm
if ( lpdi->size >= LSH_DLGINFO_EX_V2_SZ ) {
strncpy(lpdi->out.username, username, LEASH_USERNAME_SZ);
lpdi->out.username[LEASH_USERNAME_SZ-1] = 0;
strncpy(lpdi->out.realm, realm, LEASH_REALM_SZ);
lpdi->out.realm[LEASH_REALM_SZ-1] = 0;
}
- lacAddPrincipal(username);
+*/
+ lacAddPrincipal(principal);
CloseMe(TRUE); /* success */
return FALSE;
diff --git a/src/windows/leashdll/lsh_pwd.rc b/src/windows/leashdll/lsh_pwd.rc
index ad15f10..cfdcdb1 100644
--- a/src/windows/leashdll/lsh_pwd.rc
+++ b/src/windows/leashdll/lsh_pwd.rc
@@ -98,37 +98,37 @@ CAPTION "Authenticate to Kerberos"
FONT 8, "Microsoft Sans Serif"
BEGIN
EDITTEXT IDC_EDIT_PRINCIPAL,89,42,259,14,ES_AUTOHSCROLL
- EDITTEXT IDC_EDIT_PASSWORD,89,74,259,14,ES_PASSWORD |
+ EDITTEXT IDC_EDIT_PASSWORD,89,58,259,14,ES_PASSWORD |
ES_AUTOHSCROLL
- COMBOBOX IDC_COMBO_REALM,89,57,259,79,CBS_DROPDOWN |
- CBS_AUTOHSCROLL | CBS_SORT | WS_VSCROLL | WS_TABSTOP
- DEFPUSHBUTTON "OK",IDOK,302,235,49,14
- PUSHBUTTON "Cancel",IDCANCEL,249,235,49,14
- PUSHBUTTON "Hide Advanced Settings",IDC_BUTTON_OPTIONS,146,235,89,14
+ DEFPUSHBUTTON "OK",IDOK,302,219,49,14
+ PUSHBUTTON "Cancel",IDCANCEL,249,219,49,14
+ PUSHBUTTON "Hide Advanced Settings",IDC_BUTTON_OPTIONS,146,219,89,14
CONTROL "Ticket Lifetime",IDC_SLIDER_LIFETIME,"msctls_trackbar32",
- TBS_BOTH | TBS_NOTICKS | WS_TABSTOP,90,113,258,15
+ TBS_BOTH | TBS_NOTICKS | WS_TABSTOP,90,97,258,15
CONTROL "Forwardable (can be forwarded to other machines)",
IDC_CHECK_FORWARDABLE,"Button",BS_AUTOCHECKBOX |
- WS_TABSTOP,89,150,203,10
+ WS_TABSTOP,89,123,203,10
+ CONTROL "Proxiable (can be forwarded to other machines)",
+ IDC_CHECK_FORWARDABLE,"Button",BS_AUTOCHECKBOX |
+ WS_TABSTOP,89,135,203,10
CONTROL "Renewable (can be renewed during the renwable lifetime)",
IDC_CHECK_RENEWABLE,"Button",BS_AUTOCHECKBOX |
- WS_TABSTOP,89,163,186,10
+ WS_TABSTOP,89,147,186,10
CONTROL "Slider2",IDC_SLIDER_RENEWLIFE,"msctls_trackbar32",
- TBS_BOTH | TBS_NOTICKS | WS_TABSTOP,90,194,258,15
- RTEXT "Name:",IDC_STATIC_NAME,66,44,21,8
- RTEXT "Realm:",IDC_STATIC_REALM,64,60,23,8
- RTEXT "Password:",IDC_STATIC_PWD,13,76,74,8
- RTEXT "Ticket Lifetime:",IDC_STATIC_LIFETIME,23,103,65,8,0,
+ TBS_BOTH | TBS_NOTICKS | WS_TABSTOP,90,178,258,15
+ RTEXT "Principal:",IDC_STATIC_NAME,13,44,74,8
+ RTEXT "Password:",IDC_STATIC_PWD,13,60,74,8
+ RTEXT "Ticket Lifetime:",IDC_STATIC_LIFETIME,23,87,65,8,0,
WS_EX_RIGHT
- LTEXT "Flag this ticket as:",IDC_STATIC_KRB5,36,139,101,8
- LTEXT "HMS",IDC_STATIC_LIFETIME_VALUE,90,103,131,8
- LTEXT "HMS",IDC_STATIC_RENEW_TILL_VALUE,90,180,141,8
- LTEXT "",IDC_STATIC_VERSION,7,244,130,8
+ LTEXT "Flag this ticket as:",IDC_STATIC_KRB5,32,123,56,8
+ LTEXT "HMS",IDC_STATIC_LIFETIME_VALUE,90,87,131,8
+ LTEXT "HMS",IDC_STATIC_RENEW_TILL_VALUE,90,164,141,8
+ LTEXT "",IDC_STATIC_VERSION,7,228,130,8
ICON LEASHICON,IDC_PICTURE_LEASH,21,15,20,20
LTEXT "Please Authenticate",
IDC_STATIC_NOTICE,51,23,276,8
- RTEXT "Renewable Lifetime:",IDC_STATIC_RENEW,10,180,79,8
- LTEXT "",IDC_STATIC_COPYRIGHT,7,256,323,8
+ RTEXT "Renewable Lifetime:",IDC_STATIC_RENEW,10,164,79,8
+ LTEXT "",IDC_STATIC_COPYRIGHT,7,240,323,8
END
IDD_PASSWORD DIALOG DISCARDABLE 0, 0, 382, 198
More information about the cvs-krb5
mailing list