95 lines
2.9 KiB
Diff
95 lines
2.9 KiB
Diff
Index: branches/2.5-fixes/src/include/batch_request.h
|
|
===================================================================
|
|
--- branches/2.5-fixes/src/include/batch_request.h (revision 5100)
|
|
+++ branches/2.5-fixes/src/include/batch_request.h (revision 5101)
|
|
@@ -404,7 +404,7 @@
|
|
|
|
#ifndef PBS_MOM
|
|
extern void req_authenuser (struct batch_request *req);
|
|
-extern void req_altauthenuser (struct batch_request *req);
|
|
+extern int req_altauthenuser (struct batch_request *req);
|
|
extern void req_connect (struct batch_request *req);
|
|
extern void req_locatejob (struct batch_request *req);
|
|
extern void req_manager (struct batch_request *req);
|
|
Index: branches/2.5-fixes/src/server/req_getcred.c
|
|
===================================================================
|
|
--- branches/2.5-fixes/src/server/req_getcred.c (revision 5100)
|
|
+++ branches/2.5-fixes/src/server/req_getcred.c (revision 5101)
|
|
@@ -436,7 +436,7 @@
|
|
* utility
|
|
*
|
|
*/
|
|
-void req_altauthenuser(
|
|
+int req_altauthenuser(
|
|
|
|
struct batch_request *preq) /* I */
|
|
|
|
@@ -462,7 +462,7 @@
|
|
if(s >= PBS_NET_MAX_CONNECTIONS)
|
|
{
|
|
req_reject(PBSE_BADCRED, 0, preq, NULL, "cannot authenticate user");
|
|
- return;
|
|
+ return (PBSE_BADCRED);
|
|
}
|
|
|
|
|
|
@@ -470,7 +470,8 @@
|
|
if(rc)
|
|
{
|
|
/* FAILED */
|
|
- return;
|
|
+ req_reject(PBSE_SYSTEM, 0, preq, NULL, "munge failure");
|
|
+ return (PBSE_SYSTEM);
|
|
}
|
|
|
|
/* SUCCESS */
|
|
@@ -482,7 +483,7 @@
|
|
svr_conn[s].cn_authen = PBS_NET_CONN_AUTHENTICATED;
|
|
|
|
reply_ack(preq);
|
|
- return;
|
|
+ return (PBSE_NONE);
|
|
|
|
} /* END req_altauthenuser() */
|
|
|
|
Index: branches/2.5-fixes/src/server/process_request.c
|
|
===================================================================
|
|
--- branches/2.5-fixes/src/server/process_request.c (revision 5100)
|
|
+++ branches/2.5-fixes/src/server/process_request.c (revision 5101)
|
|
@@ -541,10 +541,21 @@
|
|
rc = 0; /* bypass the authentication of the user--trust the client completely */
|
|
else if(munge_on)
|
|
{
|
|
- /* If munge_on is true we will validate the connection later */
|
|
- conn_credent[sfds].timestamp = time_now;
|
|
- svr_conn[sfds].cn_authen = PBS_NET_CONN_AUTHENTICATED;
|
|
- rc = 0;
|
|
+ /* If munge_on is true we will validate the connection now */
|
|
+ if ( request->rq_type == PBS_BATCH_AltAuthenUser)
|
|
+ {
|
|
+ rc = req_altauthenuser(request);
|
|
+ if (rc == PBSE_NONE)
|
|
+ {
|
|
+ conn_credent[sfds].timestamp = time_now;
|
|
+ svr_conn[sfds].cn_authen = PBS_NET_CONN_AUTHENTICATED;
|
|
+ }
|
|
+ return;
|
|
+ }
|
|
+ else
|
|
+ {
|
|
+ rc = authenticate_user(request, &conn_credent[sfds]);
|
|
+ }
|
|
}
|
|
else if (svr_conn[sfds].cn_authen != PBS_NET_CONN_AUTHENTICATED)
|
|
rc = PBSE_BADCRED;
|
|
@@ -1021,9 +1032,6 @@
|
|
break;
|
|
|
|
case PBS_BATCH_AltAuthenUser:
|
|
- /* Use given authentication method to determine
|
|
- if user is valid */
|
|
- req_altauthenuser(request);
|
|
|
|
break;
|
|
|