[pubcookie-dev] Force Re-authentication handling

Wed Jun 21 09:17:12 PDT 2006

This diff doesn't apply smoothly to flavor_basic.c r1.82 in cvs:

$ patch < brads-reauth-patch.diff
patching file flavor_basic.c
Hunk #1 FAILED at 25.
Hunk #2 FAILED at 831.
Hunk #3 succeeded at 837 (offset -22 lines).
2 out of 3 hunks FAILED -- saving rejects to file flavor_basic.c.rej

I'd like to include this. Can you make and attach another diff, 
this time against our cvs version?

-Nathan

On Tue, 20 Jun 2006, Bradley Schwoerer wrote:

> Below is proposed change to the handling of force re-authentication.  At the
> present if an application requests force re-authentication and a user has
> not authenticated the reason code is reauth instead of just auth.  This
> change would give the auth reason code instead of the reauth.
>
> -Bradley
>
>
>
>
> Index: ds/c/pubcookie/src/flavor_basic.c
> diff -u ds/c/pubcookie/src/flavor_basic.c:1.7
> ds/c/pubcookie/src/flavor_basic.c:1.7.10.1
> --- ds/c/pubcookie/src/flavor_basic.c:1.7 Fri Feb 10 14:04:05 2006
> +++ ds/c/pubcookie/src/flavor_basic.c Tue Jun 20 14:00:03 2006
> @@ -25,7 +25,7 @@
>  *   will pass l->realm to the verifier and append it to the username when
>  *   'append_realm' is set
>  *
> - * $Id: flavor_basic.c,v 1.7 2006/02/10 20:04:05 miner Exp $
> + * $Id: flavor_basic.c,v 1.7.10.1 2006/06/20 19:00:03 schwoerb Exp $
>  */
>
>
> @@ -831,15 +831,6 @@
>             rcode = FLB_BAD_AUTH;
>         }
>
> -        /* Auth request entry. */
> -        /* If reauth, check time limit */
> -    } else if (l->session_reauth &&
> -               ((l->session_reauth == 1) ||
> -                (c
> -                 && (c->create_ts + (l->session_reauth) < pbc_time
> (NULL))))) {
> -        *errstr = "reauthentication required";
> -        rcode = FLB_REAUTH;
> -
>         /* If the pinit flag is set, show a pinit login page */
>     } else if (l->pinit == PBC_TRUE) {
>         *errstr = "pinit";
> @@ -868,6 +859,15 @@
>         *errstr = "cached credentials wrong flavor";
>         rcode = FLB_CACHE_CREDS_WRONG;
>
> +        /* Auth request entry. */
> +        /* If reauth, check time limit */
> +    } else if (l->session_reauth &&
> +               ((l->session_reauth == 1) ||
> +                (c
> +                 && (c->create_ts + (l->session_reauth) < pbc_time
> (NULL))))) {
> +        *errstr = "reauthentication required";
> +        rcode = FLB_REAUTH;
> +
>     } else {                    /* valid login cookie */
>         pbc_log_activity (p, PBC_LOG_DEBUG_LOW,
>                           "flavor_basic: L cookie valid user: %s",
>
>
> ---
> You are currently subscribed to mst-cvs-ds-pubcookie as: bschwoerer at wisc.edu
> To unsubscribe send a blank email to leave-2879125-2267482D at lists.wisc.edu
>
> ------ End of Forwarded Message
>
>
> _______________________________________________
> pubcookie-dev mailing list
> pubcookie-dev at u.washington.edu
> http://mailman1.u.washington.edu/mailman/listinfo/pubcookie-dev
>