sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code

r4256: Add a patch from kllin@it.su.se: New Parameter 'afs token lifetime' tells the

Browse Source 
AFS client when to throw away a token.

Thanks,

Volker
(This used to be commit 836a8277b2)
This commit is contained in:
Volker Lendecke 2004-12-17 11:42:10 +00:00 committed by Gerald (Jerry) Carter
parent 35657ac39e
commit c96872d3ab
2 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
source3/lib/afs.c
View File

@ -139,7 +139,11 @@ static BOOL afs_createtoken(const char *username, const char *cell,
SIVAL(p, 0, now);
ct->BeginTimestamp = now;
ct->EndTimestamp = now + (255*60*5);
if(lp_afs_token_lifetime() == 0)
ct->EndTimestamp = NEVERDATE;
else
ct->EndTimestamp = now + lp_afs_token_lifetime();
if (((ct->EndTimestamp - ct->BeginTimestamp) & 1) == 1) {
ct->BeginTimestamp += 1; /* Lifetime must be even */
}

8
source3/param/loadparm.c
View File

@ -127,6 +127,7 @@ typedef struct
char *szSocketOptions;
char *szRealm;
char *szAfsUsernameMap;
int iAfsTokenLifetime;
char *szUsernameMap;
char *szLogonScript;
char *szLogonPath;
@ -1125,6 +1126,7 @@ static struct parm_struct parm_table[] = {
{"socket address", P_STRING, P_GLOBAL, &Globals.szSocketAddress, NULL, NULL, FLAG_ADVANCED},
{"homedir map", P_STRING, P_GLOBAL, &Globals.szNISHomeMapName, NULL, NULL, FLAG_ADVANCED},
{"afs username map", P_STRING, P_GLOBAL, &Globals.szAfsUsernameMap, NULL, NULL, FLAG_ADVANCED},
{"afs token lifetime", P_INTEGER, P_GLOBAL, &Globals.iAfsTokenLifetime, NULL, NULL, FLAG_ADVANCED},
{"time offset", P_INTEGER, P_GLOBAL, &extra_time_offset, NULL, NULL, FLAG_ADVANCED},
{"NIS homedir", P_BOOL, P_GLOBAL, &Globals.bNISHomeMap, NULL, NULL, FLAG_ADVANCED},
{"-valid", P_BOOL, P_LOCAL, &sDefault.valid, NULL, NULL, FLAG_HIDE},
@ -1474,6 +1476,11 @@ static void init_globals(void)
Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
Globals.ldap_timeout = LDAP_CONNECT_DEFAULT_TIMEOUT;
/* This is what we tell the afs client. in reality we set the token
* to never expire, though, when this runs out the afs client will
* forget the token. Set to 0 to get NEVERDATE.*/
Globals.iAfsTokenLifetime = 604800;
/* these parameters are set to defaults that are more appropriate
for the increasing samba install base:
@ -1647,6 +1654,7 @@ FN_GLOBAL_STRING(lp_passwordserver, &Globals.szPasswordServer)
FN_GLOBAL_STRING(lp_name_resolve_order, &Globals.szNameResolveOrder)
FN_GLOBAL_STRING(lp_realm, &Globals.szRealm)
FN_GLOBAL_CONST_STRING(lp_afs_username_map, &Globals.szAfsUsernameMap)
FN_GLOBAL_INTEGER(lp_afs_token_lifetime, &Globals.iAfsTokenLifetime)
FN_GLOBAL_STRING(lp_username_map, &Globals.szUsernameMap)
FN_GLOBAL_CONST_STRING(lp_logon_script, &Globals.szLogonScript)
FN_GLOBAL_CONST_STRING(lp_logon_path, &Globals.szLogonPath)