Changeset 9d21120


Ignore:
Timestamp:
Nov 8, 2010, 4:02:43 PM (14 years ago)
Author:
Alejandro R. Sedeño <asedeno@mit.edu>
Branches:
master, release-1.10, release-1.7, release-1.8, release-1.9
Children:
35d2091
Parents:
1522e5d
git-author:
Alejandro R. Sedeño <asedeno@mit.edu> (11/04/10 15:02:02)
git-committer:
Alejandro R. Sedeño <asedeno@mit.edu> (11/08/10 16:02:43)
Message:
zephyr: update smartstrip logic

* Deal with krb5 principal types first, then krb4 princiapl types.
* Special case principals that start with 'host/', 'daemon/', 'rcmd.', and 'daemon.'.
* Drop special case for webzephyr as it is now taken care of by the more general case above.

Signed-off-by: Alejandro R. Sedeño <asedeno@mit.edu>
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • owl.h

    r1522e5d r9d21120  
    201201#define OWL_WEBZEPHYR_CLASS     "webzephyr"
    202202#define OWL_WEBZEPHYR_OPCODE    "webzephyr"
     203
     204#define OWL_ZEPHYR_NOSTRIP_HOST         "host/"
     205#define OWL_ZEPHYR_NOSTRIP_RCMD         "rcmd."
     206#define OWL_ZEPHYR_NOSTRIP_DAEMON5      "daemon/"
     207#define OWL_ZEPHYR_NOSTRIP_DAEMON4      "daemon."
    203208
    204209#define OWL_REGEX_QUOTECHARS    "!+*.?[]^\\${}()"
  • zephyr.c

    r1522e5d r9d21120  
    12291229
    12301230/* strip out the instance from a zsender's principal.  Preserves the
    1231  * realm if present.  daemon/webzephyr.mit.edu is a special case.
    1232  * The caller must free the return.
     1231 * realm if present.  Leave host/ and daemon/ krb5 principals
     1232 * alone. Also leave rcmd. and daemon. krb4 principals alone. The
     1233 * caller must free the return.
    12331234 */
    12341235char *owl_zephyr_smartstripped_user(const char *in)
    12351236{
    1236   char *ptr, *realm, *out;
    1237 
    1238   out=owl_strdup(in);
     1237  char *slash, *dot, *realm, *out;
     1238
     1239  out = owl_strdup(in);
    12391240
    12401241  /* bail immeaditly if we don't have to do any work */
    1241   ptr=strchr(out, '.');
    1242   if (!strchr(out, '/') && !ptr) {
    1243     /* no '/' and no '.' */
     1242  slash = strchr(out, '/');
     1243  dot = strchr(out, '.');
     1244  if (!slash && !dot) {
    12441245    return(out);
    12451246  }
    1246   if (ptr && strchr(out, '@') && (ptr > strchr(out, '@'))) {
    1247     /* There's a '.' but it's in the realm */
     1247
     1248  if (!strncasecmp(out, OWL_ZEPHYR_NOSTRIP_HOST, strlen(OWL_ZEPHYR_NOSTRIP_HOST)) ||
     1249      !strncasecmp(out, OWL_ZEPHYR_NOSTRIP_RCMD, strlen(OWL_ZEPHYR_NOSTRIP_RCMD)) ||
     1250      !strncasecmp(out, OWL_ZEPHYR_NOSTRIP_DAEMON5, strlen(OWL_ZEPHYR_NOSTRIP_DAEMON5)) ||
     1251      !strncasecmp(out, OWL_ZEPHYR_NOSTRIP_DAEMON4, strlen(OWL_ZEPHYR_NOSTRIP_DAEMON4))) {
    12481252    return(out);
    12491253  }
    1250   if (!strncasecmp(out, OWL_WEBZEPHYR_PRINCIPAL, strlen(OWL_WEBZEPHYR_PRINCIPAL))) {
     1254
     1255  realm = strchr(out, '@');
     1256  if (!slash && dot && realm && (dot > realm)) {
     1257    /* There's no '/', and the first '.' is in the realm */
    12511258    return(out);
    12521259  }
    12531260
    12541261  /* remove the realm from out, but hold on to it */
    1255   realm=strchr(out, '@');
    12561262  if (realm) realm[0]='\0';
    12571263
    12581264  /* strip */
    1259   ptr=strchr(out, '.');
    1260   if (!ptr) ptr=strchr(out, '/');
    1261   ptr[0]='\0';
     1265  if (slash) slash[0] = '\0';  /* krb5 style user/instance */
     1266  else if (dot) dot[0] = '\0'; /* krb4 style user.instance */
    12621267
    12631268  /* reattach the realm if we had one */
Note: See TracChangeset for help on using the changeset viewer.