From c245433e909ee0844b562e951cfc07f92cb8e787 Mon Sep 17 00:00:00 2001
From: Evan Broder <broder@mit.edu>
Date: Sun, 21 Dec 2008 14:37:31 -0600
Subject: [PATCH] Initialize the security object.

This is where we determine whether to use authentication and encryption.

Signed-off-by: Evan Broder <broder@mit.edu>
---
 afs/_pts.pyx |   16 ++++++++++++++++
 afs/afs.pxd  |   32 +++++++++++++++++++++++++-------
 2 files changed, 41 insertions(+), 7 deletions(-)

diff --git a/afs/_pts.pyx b/afs/_pts.pyx
index 40ccd17..a06911d 100644
--- a/afs/_pts.pyx
+++ b/afs/_pts.pyx
@@ -10,6 +10,7 @@ cdef class PTS:
         cdef char * c_cell
         cdef a.ktc_principal prin
         cdef a.ktc_token token
+        cdef a.rx_securityClass *sc
         
         if cell is None:
             c_cell = NULL
@@ -42,6 +43,21 @@ cdef class PTS:
                     # No really - we wanted authentication
                     raise Exception(code, "Failed to get token for service AFS: %s" % a.error_message(code))
                 sec = 0
+            else:
+                if sec == 3:
+                    level = a.rxkad_crypt
+                else:
+                    level = a.rxkad_clear
+                sc = a.rxkad_NewClientSecurityObject(level, &token.sessionKey,
+                                                   token.kvno, token.ticketLen,
+                                                   token.ticket)
+        
+        if sec == 0:
+            sc = a.rxnull_NewClientSecurityObject()
+        else:
+            sec = 2
+        
+        code = a.rxs_Release(sc)
     
     def __dealloc__(self):
         a.rx_Finalize()
diff --git a/afs/afs.pxd b/afs/afs.pxd
index e518288..36ab76c 100644
--- a/afs/afs.pxd
+++ b/afs/afs.pxd
@@ -62,27 +62,42 @@ cdef extern from "rx/rx.h":
     int rx_Init(int port)
     void rx_Finalize()
 
+cdef extern from *:
+    struct ktc_encryptionKey:
+        pass
+
 cdef extern from "rx/rxkad.h":
+    ctypedef char rxkad_level
+    
     enum:
         MAXKTCNAMELEN
         MAXKTCREALMLEN
     
+    enum:
+        rxkad_clear
+        rxkad_crypt
+    
     struct ktc_principal:
         char name[MAXKTCNAMELEN]
         char instance[MAXKTCNAMELEN]
         char cell[MAXKTCREALMLEN]
-
-cdef extern from "afs/com_err.h":
-    char * error_message(int)
+    
+    struct rx_securityClass:
+        pass
+    
+    rx_securityClass *rxkad_NewClientSecurityObject(rxkad_level level,
+                                                    ktc_encryptionKey *sessionKey,
+                                                    afs_int32 kvno,
+                                                    int ticketLen,
+                                                    char *ticket)
+    rx_securityClass *rxnull_NewClientSecurityObject()
+    
+    int rxs_Release(rx_securityClass *aobj)
 
 cdef extern from "afs/auth.h":
     enum:
         MAXKTCTICKETLEN
     
-    # We don't look into this
-    struct ktc_encryptionKey:
-        pass
-    
     struct ktc_token:
         ktc_encryptionKey sessionKey
         short kvno
@@ -93,3 +108,6 @@ cdef extern from "afs/auth.h":
                      ktc_token *token,
                      int tokenLen,
                      ktc_principal *client)
+
+cdef extern from "afs/com_err.h":
+    char * error_message(int)
-- 
1.7.9.5