From 0d4fd9fd6679bf30469c21db02f88e7d0d466a92 Mon Sep 17 00:00:00 2001 From: Nickolai Zeldovich Date: Wed, 7 Nov 2001 00:01:52 +0000 Subject: [PATCH] afsdb-avoid-dns-case-issues-for-cell-aliases-20011106 This patch makes sure that in-kernel aliases to non-existant names aren't accidentally created due to case mismatch (e.g. "athena" being created as a symlink to "athena.MIT.EDU", while "athena.mit.edu" is the real cell that already exists). It also lowercases cell names in AFSDB lookups, otherwise the same problem appears in userspace (eg "aklog athena" tries to obtain tokens for cell "athena.MIT.EDU"). --- src/afs/afs_cell.c | 42 +++++++++++++++++++++++++++++++++--------- src/auth/cellconfig.c | 5 +++++ 2 files changed, 38 insertions(+), 9 deletions(-) diff --git a/src/afs/afs_cell.c b/src/afs/afs_cell.c index 587067983f..7416249d9f 100644 --- a/src/afs/afs_cell.c +++ b/src/afs/afs_cell.c @@ -220,17 +220,18 @@ int afs_GetCellHostsFromDns(acellName, acellHosts, timeout, realName) } -void afs_RefreshCell(tc) - register struct cell *tc; +void afs_RefreshCell(ac) + register struct cell *ac; { afs_int32 cellHosts[MAXCELLHOSTS]; char *realName = NULL; + struct cell *tc; int timeout; /* Don't need to do anything if no timeout or it's not expired */ - if (!tc->timeout || tc->timeout > osi_Time()) return; + if (!ac->timeout || ac->timeout > osi_Time()) return; - if (afs_GetCellHostsFromDns(tc->cellName, cellHosts, &timeout, &realName)) + if (afs_GetCellHostsFromDns(ac->cellName, cellHosts, &timeout, &realName)) /* In case of lookup failure, keep old data */ goto done; @@ -238,9 +239,19 @@ void afs_RefreshCell(tc) afs_NewCell(realName, cellHosts, 0, (char *) 0, 0, 0, timeout, (char *) 0); /* If this is an alias, update the alias entry too */ - if (afs_strcasecmp(tc->cellName, realName)) - afs_NewCell(tc->cellName, 0, CAlias, (char *) 0, 0, 0, - timeout, realName); + if (afs_strcasecmp(ac->cellName, realName)) { + /* + * Look up the entry we just updated, to compensate for + * uppercase-vs-lowercase lossage with DNS. + */ + tc = afs_GetCellByName2(realName, READ_LOCK, 0 /* no AFSDB */); + + if (tc) { + afs_NewCell(ac->cellName, 0, CAlias, (char *) 0, 0, 0, + timeout, tc->cellName); + afs_PutCell(tc, READ_LOCK); + } + } done: if (realName) @@ -254,6 +265,7 @@ struct cell *afs_GetCellByName_Dns(acellName, locktype) { afs_int32 cellHosts[MAXCELLHOSTS]; char *realName = NULL; + struct cell *tc; int timeout; if (afs_GetCellHostsFromDns(acellName, cellHosts, &timeout, &realName)) @@ -264,9 +276,21 @@ struct cell *afs_GetCellByName_Dns(acellName, locktype) /* If this is an alias, create an entry for it too */ if (afs_strcasecmp(acellName, realName)) { - if (afs_NewCell(acellName, 0, CAlias, (char *) 0, 0, 0, - timeout, realName)) + /* + * Look up the entry we just updated, to compensate for + * uppercase-vs-lowercase lossage with DNS. + */ + tc = afs_GetCellByName2(realName, READ_LOCK, 0 /* no AFSDB */); + if (!tc) goto bad; + + if (afs_NewCell(acellName, 0, CAlias, (char *) 0, 0, 0, + timeout, tc->cellName)) { + afs_PutCell(tc, READ_LOCK); + goto bad; + } + + afs_PutCell(tc, READ_LOCK); } if (realName) diff --git a/src/auth/cellconfig.c b/src/auth/cellconfig.c index 8e299f4d0a..f0d2d0a038 100644 --- a/src/auth/cellconfig.c +++ b/src/auth/cellconfig.c @@ -718,6 +718,11 @@ afsconf_GetAfsdbInfo(acellName, aservice, acellInfo) if (server_num == 0) /* No AFSDB records */ return AFSCONF_NOTFOUND; + + /* Convert the real cell name to lowercase */ + for (p = (unsigned char *) realCellName; *p; p++) + *p = tolower(*p); + strncpy(acellInfo->name, realCellName, sizeof(acellInfo->name)); acellInfo->numServers = server_num;