diff --git a/src/WINNT/afsd/fs.c b/src/WINNT/afsd/fs.c index 5e960c56a1..c373530d0b 100644 --- a/src/WINNT/afsd/fs.c +++ b/src/WINNT/afsd/fs.c @@ -2447,7 +2447,7 @@ struct afsconf_cell *info; } else { /* got a ticket */ - if (ttoken.kvno >= 0 && ttoken.kvno <= 255) scIndex = 2; /* kerberos */ + if (ttoken.kvno >= 0 && ttoken.kvno <= 256) scIndex = 2; /* kerberos */ else { fprintf (stderr, "fs: funny kvno (%d) in ticket, proceeding\n", ttoken.kvno); diff --git a/src/bozo/bos.c b/src/bozo/bos.c index d5ced10e36..ad5a00f4f8 100644 --- a/src/bozo/bos.c +++ b/src/bozo/bos.c @@ -239,7 +239,7 @@ GetConn(as, aencrypt) code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL); if (code == 0) { /* have tickets, will travel */ - if (ttoken.kvno >= 0 && ttoken.kvno <= 255); + if (ttoken.kvno >= 0 && ttoken.kvno <= 256); else { fprintf(stderr, "bos: funny kvno (%d) in ticket, proceeding\n", diff --git a/src/libafsauthent/Makefile.in b/src/libafsauthent/Makefile.in index dbd6b4ac8d..04e57910d3 100644 --- a/src/libafsauthent/Makefile.in +++ b/src/libafsauthent/Makefile.in @@ -48,6 +48,7 @@ KAUTHOBJS = \ read_passwd.o UBIKOBJS = \ + uinit.o \ ubikclient.o \ uerrors.o \ ubik_int.cs.o \ @@ -160,6 +161,9 @@ read_passwd.o: ${KAUTH}/read_passwd.c ubikclient.o: ${UBIK}/ubikclient.c ${CCRULE} +uinit.o: ${UBIK}/uinit.c + ${CCRULE} + uerrors.o: ${UBIK}/uerrors.c ${CCRULE} diff --git a/src/libafsauthent/NTMakefile b/src/libafsauthent/NTMakefile index 0e65c5eaf0..5b8669e7f4 100644 --- a/src/libafsauthent/NTMakefile +++ b/src/libafsauthent/NTMakefile @@ -53,6 +53,7 @@ KAUTHOBJS = \ $(OUT)\user_nt.obj UBIKOBJS = \ + $(OUT)\uinit.obj \ $(OUT)\ubikclient.obj \ $(OUT)\uerrors.obj \ $(OUT)\ubik_int.cs.obj \ diff --git a/src/ptserver/ptuser.c b/src/ptserver/ptuser.c index 8f5cd6a017..df297b52b0 100644 --- a/src/ptserver/ptuser.c +++ b/src/ptserver/ptuser.c @@ -168,7 +168,7 @@ pr_Initialize(IN afs_int32 secLevel, IN char *confDir, IN char *cell) if (code) scIndex = 0; else { - if (ttoken.kvno >= 0 && ttoken.kvno <= 255) + if (ttoken.kvno >= 0 && ttoken.kvno <= 256) /* this is a kerberos ticket, set scIndex accordingly */ scIndex = 2; else { diff --git a/src/scout/Makefile.in b/src/scout/Makefile.in index db42c140eb..5007c85ee3 100644 --- a/src/scout/Makefile.in +++ b/src/scout/Makefile.in @@ -24,6 +24,7 @@ INCLS=${TOP_INCDIR}/afs/gtxobjects.h \ LIBS=${TOP_LIBDIR}/libgtx.a \ ${TOP_LIBDIR}/libfsprobe.a \ ${TOP_LIBDIR}/libvolser.a \ + ${TOP_LIBDIR}/libubik.a \ ${TOP_LIBDIR}/libkauth.a \ ${TOP_LIBDIR}/libauth.a \ ${TOP_LIBDIR}/librxkad.a \ @@ -31,7 +32,6 @@ LIBS=${TOP_LIBDIR}/libgtx.a \ ${TOP_LIBDIR}/libcmd.a \ ${TOP_LIBDIR}/vlib.a ${TOP_LIBDIR}/libacl.a \ ${TOP_LIBDIR}/libvldb.a \ - ${TOP_LIBDIR}/libubik.a \ ${TOP_LIBDIR}/libafsint.a \ ${TOP_LIBDIR}/libsys.a \ ${TOP_LIBDIR}/librx.a \ diff --git a/src/shlibafsauthent/Makefile.in b/src/shlibafsauthent/Makefile.in index 4c01bf03af..306423f266 100644 --- a/src/shlibafsauthent/Makefile.in +++ b/src/shlibafsauthent/Makefile.in @@ -53,6 +53,7 @@ KAUTHOBJS = \ read_passwd.o UBIKOBJS = \ + uinit.o \ ubikclient.o \ uerrors.o \ ubik_int.cs.o \ @@ -175,6 +176,9 @@ read_passwd.o: ${KAUTH}/read_passwd.c ubikclient.o: ${UBIK}/ubikclient.c ${CCRULE} +uinit.o: ${UBIK}/uinit.c + ${CCRULE} + uerrors.o: ${UBIK}/uerrors.c ${CCRULE} diff --git a/src/ubik/Makefile.in b/src/ubik/Makefile.in index 8f2ee41131..018173863f 100644 --- a/src/ubik/Makefile.in +++ b/src/ubik/Makefile.in @@ -10,7 +10,7 @@ include @TOP_OBJDIR@/src/config/Makefile.config LIBOBJS=disk.o remote.o beacon.o recovery.o ubik.o vote.o lock.o phys.o \ ubik_int.cs.o ubik_int.ss.o ubik_int.xdr.o ubikcmd.o \ - ubikclient.o uerrors.o + ubikclient.o uerrors.o uinit.o INCLS=${TOP_INCDIR}/lwp.h ${TOP_INCDIR}/lock.h \ ${TOP_INCDIR}/rx/rx.h ${TOP_INCDIR}/rx/xdr.h \ @@ -99,6 +99,7 @@ libubik.a: ${LIBOBJS} AFS_component_version_number.o $(RANLIB) $@ disk.o: disk.c ${INCLS} +uinit.o: uinit.c ${INCLS} remote.o: remote.c ${INCLS} beacon.o: beacon.c ${INCLS} lock.o: lock.c ${INCLS} diff --git a/src/ubik/NTMakefile b/src/ubik/NTMakefile index f3cfd550a4..b819484505 100644 --- a/src/ubik/NTMakefile +++ b/src/ubik/NTMakefile @@ -31,6 +31,7 @@ LIBOBJS =\ $(OUT)\beacon.obj \ $(OUT)\recovery.obj \ $(OUT)\ubik.obj \ + $(OUT)\uinit.obj \ $(OUT)\vote.obj \ $(OUT)\lock.obj \ $(OUT)\phys.obj \ diff --git a/src/ubik/ubik.p.h b/src/ubik/ubik.p.h index b72a822327..b69a66fe40 100644 --- a/src/ubik/ubik.p.h +++ b/src/ubik/ubik.p.h @@ -359,4 +359,15 @@ extern int ubik_BeginTrans(register struct ubik_dbase *dbase, afs_int32 transMode, struct ubik_trans **transPtr); extern int ubik_EndTrans(register struct ubik_trans *transPtr); +/* uinit.c */ + +extern afs_int32 ugen_ClientInit(int noAuthFlag, char *confDir, char *cellName, + afs_int32 sauth, + struct ubik_client **uclientp, + int (*secproc) (), char *funcName, + afs_int32 gen_rxkad_level, + afs_int32 maxservers, afs_int32 serviceid, + afs_int32 deadtime, afs_uint32 server, + afs_uint32 port, afs_int32 usrvid); + #endif /* UBIK_H */ diff --git a/src/ubik/uinit.c b/src/ubik/uinit.c new file mode 100644 index 0000000000..32c6bf1255 --- /dev/null +++ b/src/ubik/uinit.c @@ -0,0 +1,206 @@ +/* + * Copyright 2000, International Business Machines Corporation and others. + * All Rights Reserved. + * + * This software has been released under the terms of the IBM Public + * License. For details, see the LICENSE file in the top-level source + * directory or online at http://www.openafs.org/dl/license10.html + */ + +#include +#include + +RCSID + ("$Header$"); + +#include +#ifdef AFS_NT40_ENV +#include +#include +#else +#include +#include +#include +#include +#endif /* AFS_NT40_ENV */ +#include +#ifdef AFS_AIX_ENV +#include +#endif + +#ifdef HAVE_STRING_H +#include +#else +#ifdef HAVE_STRINGS_H +#include +#endif +#endif + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/* + Get the appropriate type of ubik client structure out from the system. +*/ +afs_int32 +ugen_ClientInit(int noAuthFlag, char *confDir, char *cellName, afs_int32 sauth, + struct ubik_client **uclientp, int (*secproc) (), + char *funcName, afs_int32 gen_rxkad_level, + afs_int32 maxservers, afs_int32 serviceid, afs_int32 deadtime, + afs_uint32 server, afs_uint32 port, afs_int32 usrvid) +{ + afs_int32 code, scIndex, i; + struct afsconf_cell info; + struct afsconf_dir *tdir; + struct ktc_principal sname; + struct ktc_token ttoken; + struct rx_securityClass *sc; + /* This must change if VLDB_MAXSERVERS becomes larger than MAXSERVERS */ + static struct rx_connection *serverconns[MAXSERVERS]; + char cellstr[64]; + + code = rx_Init(0); + if (code) { + fprintf(stderr, "%s: could not initialize rx.\n", funcName); + return code; + } + rx_SetRxDeadTime(deadtime); + + if (sauth) { /* -localauth */ + tdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH); + if (!tdir) { + fprintf(stderr, + "%s: Could not process files in configuration directory (%s).\n", + funcName, AFSDIR_SERVER_ETC_DIRPATH); + return -1; + } + code = afsconf_ClientAuth(tdir, &sc, &scIndex); /* sets sc,scIndex */ + if (code) { + fprintf(stderr, + "%s: Could not get security object for -localAuth\n", + funcName); + return -1; + } + code = + afsconf_GetCellInfo(tdir, tdir->cellName, serviceid, + &info); + if (code) { + fprintf(stderr, + "%s: can't find cell %s's hosts in %s/%s\n", + funcName, cellName, AFSDIR_SERVER_ETC_DIRPATH, + AFSDIR_CELLSERVDB_FILE); + exit(1); + } + } else { /* not -localauth */ + tdir = afsconf_Open(confDir); + if (!tdir) { + fprintf(stderr, + "%s: Could not process files in configuration directory (%s).\n", + funcName, confDir); + return -1; + } + + if (!cellName) { + code = afsconf_GetLocalCell(tdir, cellstr, sizeof(cellstr)); + if (code) { + fprintf(stderr, + "%s: can't get local cellname, check %s/%s\n", + funcName, confDir, AFSDIR_THISCELL_FILE); + exit(1); + } + cellName = cellstr; + } + + code = + afsconf_GetCellInfo(tdir, cellName, serviceid, &info); + if (code) { + fprintf(stderr, + "%s: can't find cell %s's hosts in %s/%s\n", + funcName, cellName, confDir, AFSDIR_CELLSERVDB_FILE); + exit(1); + } + if (noAuthFlag) /* -noauth */ + scIndex = 0; + else { /* not -noauth */ + strcpy(sname.cell, info.name); + sname.instance[0] = 0; + strcpy(sname.name, "afs"); + code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL); + if (code) { /* did not get ticket */ + fprintf(stderr, + "%s: Could not get afs tokens, running unauthenticated.\n", + funcName); + scIndex = 0; + } else { /* got a ticket */ + scIndex = 2; + if ((ttoken.kvno < 0) || (ttoken.kvno > 256)) { + fprintf(stderr, + "%s: funny kvno (%d) in ticket, proceeding\n", + funcName, ttoken.kvno); + } + } + } + + switch (scIndex) { + case 0: + sc = rxnull_NewClientSecurityObject(); + break; + case 2: + sc = rxkad_NewClientSecurityObject(gen_rxkad_level, + &ttoken.sessionKey, + ttoken.kvno, ttoken.ticketLen, + ttoken.ticket); + break; + default: + fprintf(stderr, "%s: unsupported security index %d\n", + funcName, scIndex); + exit(1); + break; + } + } + + afsconf_Close(tdir); + + if (secproc) /* tell UV module about default authentication */ + (*secproc) (sc, scIndex); + if (server) { + serverconns[0] = rx_NewConnection(server, port, + usrvid, sc, scIndex); + } else { + if (info.numServers > maxservers) { + fprintf(stderr, + "%s: info.numServers=%d (> maxservers=%d)\n", + funcName, info.numServers, maxservers); + exit(1); + } + for (i = 0; i < info.numServers; i++) { + serverconns[i] = + rx_NewConnection(info.hostAddr[i].sin_addr.s_addr, + info.hostAddr[i].sin_port, usrvid, + sc, scIndex); + } + } + /* Are we just setting up connections, or is this really ubik stuff? */ + if (uclientp) { + *uclientp = 0; + code = ubik_ClientInit(serverconns, uclientp); + if (code) { + fprintf(stderr, "%s: ubik client init failed.\n", funcName); + return code; + } + } + return 0; +} + + diff --git a/src/venus/fs.c b/src/venus/fs.c index c7e23a6a90..d7ba1823a4 100644 --- a/src/venus/fs.c +++ b/src/venus/fs.c @@ -2659,75 +2659,14 @@ static int VLDBInit(int noAuthFlag, struct afsconf_cell *info) { afs_int32 code; - struct ktc_principal sname; - struct ktc_token ttoken; - afs_int32 scIndex; - struct rx_securityClass *sc; - struct rx_connection *serverconns[VLDB_MAXSERVERS]; - afs_int32 i; - code = rx_Init(0); - if (code) { - fprintf(stderr, "%s: could not initialize rx.\n", pn); - return code; - } + code = ugen_ClientInit(noAuthFlag, AFSDIR_CLIENT_ETC_DIRPATH, + info->name, 0, &uclient, + NULL, pn, rxkad_clear, + VLDB_MAXSERVERS, AFSCONF_VLDBSERVICE, 50, + 0, 0, USER_SERVICE_ID); rxInitDone = 1; - rx_SetRxDeadTime(50); - if (!noAuthFlag) { /* we don't need tickets for null */ - strcpy(sname.cell, info->name); - sname.instance[0] = 0; - strcpy(sname.name, "afs"); - code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL); - if (code) { - fprintf(stderr, - "%s: Could not get afs tokens, running unauthenticated.\n", - pn); - scIndex = 0; - } else { - /* got a ticket */ - if (ttoken.kvno >= 0 && ttoken.kvno <= 255) - scIndex = 2; /* kerberos */ - else { - fprintf(stderr, "%s: funny kvno (%d) in ticket, proceeding\n", - pn, ttoken.kvno); - scIndex = 2; - } - } - } else - scIndex = 0; /* don't authenticate */ - switch (scIndex) { - case 0: - sc = rxnull_NewClientSecurityObject(); - break; - - case 1: - break; - case 2: - sc = (struct rx_securityClass *) - rxkad_NewClientSecurityObject(rxkad_clear, &ttoken.sessionKey, - ttoken.kvno, ttoken.ticketLen, - ttoken.ticket); - break; - } - if (info->numServers > VLDB_MAXSERVERS) { - fprintf(stderr, "%s: info.numServers=%d (> VLDB_MAXSERVERS=%d)\n", pn, - info->numServers, VLDB_MAXSERVERS); - exit(1); - } - memset(serverconns, 0, sizeof(serverconns)); - for (i = 0; i < info->numServers; i++) - serverconns[i] = - rx_NewConnection(info->hostAddr[i].sin_addr.s_addr, - info->hostAddr[i].sin_port, USER_SERVICE_ID, sc, - scIndex); - - code = ubik_ClientInit(serverconns, &uclient); - - if (code) { - fprintf(stderr, "%s: ubik client init failed.\n", pn); - return code; - } - return 0; + return code; } static struct ViceIoctl gblob; diff --git a/src/vlserver/vlclient.c b/src/vlserver/vlclient.c index 985fbc99dd..42d70c0c9a 100644 --- a/src/vlserver/vlclient.c +++ b/src/vlserver/vlclient.c @@ -162,102 +162,17 @@ GetVolume(vol, entry) /* Almost identical's to pr_Initialize in vlserver/pruser.c */ afs_int32 -vl_Initialize(auth, confDir, server, cellp) - int auth, server; - char *confDir, *cellp; +vl_Initialize(int auth, char *confDir, int server, char *cellp) { - afs_int32 code; - struct afsconf_dir *tdir; - struct ktc_principal sname; - struct ktc_token ttoken; - afs_int32 scIndex = 0; - struct rx_securityClass *sc; - struct afsconf_cell info; - afs_int32 i; - - code = rx_Init(0); - if (code) { - fprintf(stderr, "vl_Initialize: Could not initialize rx.\n"); - return code; - } - - rx_SetRxDeadTime(50); - if (!server) { - tdir = afsconf_Open(confDir); - if (!tdir) { - fprintf(stderr, "Could not open configuration directory (%s).\n", - confDir); - return -1; - } - } - if (auth) { /* we don't need tickets for null */ - if (!server) { - code = afsconf_GetLocalCell(tdir, sname.cell, sizeof(sname.cell)); - if (code) { - fprintf(stderr, - "vl_Initialize: Could not get local cell name.\n"); - return code; - } - } else - strncpy(sname.cell, cellp, sizeof(sname.cell)); - sname.instance[0] = 0; - strcpy(sname.name, "afs"); - code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL); - if (code) { - fprintf(stderr, - "vl_Initialize: Could not get afs tokens, running unauthenticated.\n"); - scIndex = 0; - } else if (ttoken.kvno <= 255) - scIndex = 2; - else { /* bcrypt */ - fprintf(stderr, - "vl_Initialize: funny kvno (%d) in ticket, proceeding\n", - ttoken.kvno); - scIndex = 2; - } - } - switch (scIndex) { - case 0: - sc = rxnull_NewClientSecurityObject(); - break; - case 1: - return -1; - case 2: - sc = rxkad_NewClientSecurityObject(rxkad_clear, &ttoken.sessionKey, - ttoken.kvno, ttoken.ticketLen, - ttoken.ticket); - } - if (!server) { - code = afsconf_GetCellInfo(tdir, NULL, AFSCONF_VLDBSERVICE, &info); - if (info.numServers > MAXSERVERS) { - fprintf(stderr, - "vl_Initialize: info.numServers=%d (> MAXSERVERS=%d)\n", - info.numServers, MAXSERVERS); - exit(1); - } - for (i = 0; i < info.numServers; i++) - serverconns[i] = - rx_NewConnection(info.hostAddr[i].sin_addr.s_addr, - info.hostAddr[i].sin_port, USER_SERVICE_ID, - sc, scIndex); - } else { - serverconns[0] = - rx_NewConnection(server, htons(AFSCONF_VLDBPORT), USER_SERVICE_ID, - sc, scIndex); - } - code = ubik_ClientInit(serverconns, &cstruct); - - if (code) { - fprintf(stderr, "vl_Initialize: ubik client init failed.\n"); - return code; - } - return 0; + return ugen_ClientInit(auth?0:1, confDir, cellp, 0, + &cstruct, NULL, "vl_Initialize", rxkad_clear, + MAXSERVERS, AFSCONF_VLDBSERVICE, 50, server, + htons(AFSCONF_VLDBPORT), USER_SERVICE_ID); } /* return host address in network byte order */ afs_int32 -GetServer(aname) - char *aname; +GetServer(char *aname) { register struct hostent *th; afs_int32 addr; diff --git a/src/volser/vsutils.c b/src/volser/vsutils.c index 1be7993539..f103a27ed9 100644 --- a/src/volser/vsutils.c +++ b/src/volser/vsutils.c @@ -445,128 +445,10 @@ vsu_ClientInit(noAuthFlag, confDir, cellName, sauth, uclientp, secproc) static struct rx_connection *serverconns[VLDB_MAXSERVERS]; char cellstr[64]; - - code = rx_Init(0); - if (code) { - fprintf(STDERR, "vsu_ClientInit: could not initialize rx.\n"); - return code; - } - rx_SetRxDeadTime(90); - - if (sauth) { /* -localauth */ - tdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH); - if (!tdir) { - fprintf(STDERR, - "vsu_ClientInit: Could not process files in configuration directory (%s).\n", - AFSDIR_SERVER_ETC_DIRPATH); - return -1; - } - code = afsconf_ClientAuth(tdir, &sc, &scIndex); /* sets sc,scIndex */ - if (code) { - fprintf(STDERR, - "vsu_ClientInit: Could not get security object for -localAuth\n"); - return -1; - } - code = - afsconf_GetCellInfo(tdir, tdir->cellName, AFSCONF_VLDBSERVICE, - &info); - if (code) { - fprintf(STDERR, - "vsu_ClientInit: can't find cell %s's hosts in %s/%s\n", - cellName, AFSDIR_SERVER_ETC_DIRPATH, - AFSDIR_CELLSERVDB_FILE); - exit(1); - } - } else { /* not -localauth */ - tdir = afsconf_Open(confDir); - if (!tdir) { - fprintf(STDERR, - "vsu_ClientInit: Could not process files in configuration directory (%s).\n", - confDir); - return -1; - } - - if (!cellName) { - code = afsconf_GetLocalCell(tdir, cellstr, sizeof(cellstr)); - if (code) { - fprintf(STDERR, - "vsu_ClientInit: can't get local cellname, check %s/%s\n", - confDir, AFSDIR_THISCELL_FILE); - exit(1); - } - cellName = cellstr; - } - - code = - afsconf_GetCellInfo(tdir, cellName, AFSCONF_VLDBSERVICE, &info); - if (code) { - fprintf(STDERR, - "vsu_ClientInit: can't find cell %s's hosts in %s/%s\n", - cellName, confDir, AFSDIR_CELLSERVDB_FILE); - exit(1); - } - if (noAuthFlag) /* -noauth */ - scIndex = 0; - else { /* not -noauth */ - strcpy(sname.cell, info.name); - sname.instance[0] = 0; - strcpy(sname.name, "afs"); - code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL); - if (code) { /* did not get ticket */ - fprintf(STDERR, - "vsu_ClientInit: Could not get afs tokens, running unauthenticated.\n"); - scIndex = 0; - } else { /* got a ticket */ - scIndex = 2; - if ((ttoken.kvno < 0) || (ttoken.kvno > 255)) { - fprintf(STDERR, - "vsu_ClientInit: funny kvno (%d) in ticket, proceeding\n", - ttoken.kvno); - } - } - } - - switch (scIndex) { - case 0: - sc = rxnull_NewClientSecurityObject(); - break; - case 2: - sc = rxkad_NewClientSecurityObject(vsu_rxkad_level, - &ttoken.sessionKey, - ttoken.kvno, ttoken.ticketLen, - ttoken.ticket); - break; - default: - fprintf(STDERR, "vsu_ClientInit: unsupported security index %d\n", - scIndex); - exit(1); - break; - } - } - - afsconf_Close(tdir); - - if (secproc) /* tell UV module about default authentication */ - (*secproc) (sc, scIndex); - if (info.numServers > VLDB_MAXSERVERS) { - fprintf(STDERR, - "vsu_ClientInit: info.numServers=%d (> VLDB_MAXSERVERS=%d)\n", - info.numServers, VLDB_MAXSERVERS); - exit(1); - } - for (i = 0; i < info.numServers; i++) { - serverconns[i] = - rx_NewConnection(info.hostAddr[i].sin_addr.s_addr, - info.hostAddr[i].sin_port, USER_SERVICE_ID, sc, - scIndex); - } - *uclientp = 0; - code = ubik_ClientInit(serverconns, uclientp); - if (code) { - fprintf(STDERR, "vsu_ClientInit: ubik client init failed.\n"); - return code; - } - return 0; + return ugen_ClientInit(noAuthFlag, confDir, cellName, sauth, uclientp, + secproc, "vsu_ClientInit", vsu_rxkad_level, + VLDB_MAXSERVERS, AFSCONF_VLDBSERVICE, 90, + 0, 0, USER_SERVICE_ID); }