return conn;
}
+/* returns EACCES if authorization is denied */
static int tids_auth_cb(gss_name_t clientName, gss_buffer_t displayName,
void *data)
{
struct tids_instance *inst = (struct tids_instance *) data;
TR_NAME name ={(char *) displayName->value,
displayName->length};
- return inst->auth_handler(clientName, &name, inst->cookie);
+ int result=0;
+
+ if (0!=inst->auth_handler(clientName, &name, inst->cookie)) {
+ tr_debug("tids_auth_cb: client '%.*s' denied authorization.", name.len, name.buf);
+ result=EACCES; /* denied */
+ }
+
+ return result;
}
+/* returns 0 on authorization success, 1 on failure, or -1 in case of error */
static int tids_auth_connection (struct tids_instance *inst,
int conn, gss_ctx_id_t *gssctx)
{
return tids;
}
+/* Process tids requests forever. Should not return except on error. */
int tids_start (TIDS_INSTANCE *tids,
TIDS_REQ_FUNC *req_handler,
tids_auth_func *auth_handler,
close(listen);
tids_handle_connection(tids, conn);
close(conn);
- return 0;
+ exit(0); /* exit to kill forked child process */
} else {
close(conn);
}