Add rxgk client options to vl and pt utilities

Add options to use rxgk for outgoing connections to vlserver, vos, ptserver, and pts. For vlserver and ptserver, name the new option -s2scrypt, similar to the existing volserver option -s2scrypt. For vlserver and ptserver, specify 'rxgk-crypt' to turn on rxgk crypt connections for our server-to-server ubik communication. For vos and pts, just name the new option '-rxgk', and allow the user to specify the rxgk level to use ('clear', 'auth', or 'crypt'). The pts code is currently somewhat ill-suited to changing what rx security class and security level we use, but do the best we can without refactoring the whole thing. Change-Id: Iefae46291330d2b5e05b2a2bbaec1b9150b3c892 Reviewed-on: https://gerrit.openafs.org/11105 Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Tested-by: Benjamin Kaduk <kaduk@mit.edu>
2025-01-18 15:00:12 +00:00 · 2014-04-13 22:01:59 -04:00 · 2014-04-13 22:01:59 -04:00 · e5b1e6f1ad
commit e5b1e6f1ad
parent fc7e1700fe
6 changed files with 134 additions and 6 deletions
--- a/src/ptserver/pts.c
+++ b/src/ptserver/pts.c
@ -25,6 +25,7 @@
 #include <afs/cmd.h>
 #include <rx/rx.h>
 #include <rx/xdr.h>
+#include <rx/rxgk_int.h>

 #include "ptclient.h"
 #include "ptuser.h"
@ -167,6 +168,7 @@ GetGlobals(struct cmd_syndesc *as, void *arock)
    afs_int32 sec;
    int changed = 0;
    const char* confdir;
+    RXGK_Level rxgk_level = RXGK_LEVEL_BOGUS;

    whoami = as->a0name;

@ -221,9 +223,26 @@ GetGlobals(struct cmd_syndesc *as, void *arock)
 	confdir = as->parms[23].items->data;
    }

+    if (as->parms[24].items) { /* -rxgk */
+	char *rxgk_seclevel_str = as->parms[24].items->data;
+	changed = 1;
+
+	if (strcmp(rxgk_seclevel_str, "clear") == 0)
+	    rxgk_level = RXGK_LEVEL_CLEAR;
+	else if (strcmp(rxgk_seclevel_str, "auth") == 0)
+	    rxgk_level = RXGK_LEVEL_AUTH;
+	else if (strcmp(rxgk_seclevel_str, "crypt") == 0)
+	    rxgk_level = RXGK_LEVEL_CRYPT;
+	else {
+	    fprintf(stderr, "Invalid argument to -rxgk: %s\n", rxgk_seclevel_str);
+	    return 1;
+	}
+
+    }
+
    if (changed) {
 	CleanUp(as, arock);
-	code = pr_Initialize(sec, confdir, cell);
+	code = pr_Initialize2(sec, confdir, cell, rxgk_level);
    } else {
 	code = 0;
    }
@ -1091,6 +1110,7 @@ add_std_args(struct cmd_syndesc *ts)
    cmd_AddParm(ts, "-encrypt", CMD_FLAG, CMD_OPTIONAL,
 		"encrypt commands");
    cmd_AddParm(ts, "-config", CMD_SINGLE, CMD_OPTIONAL, "config location");
+    cmd_AddParm(ts, "-rxgk", CMD_SINGLE, CMD_OPTIONAL, "rxgk security level to use");
    free(test_help);
 }

--- a/src/ptserver/ptserver.c
+++ b/src/ptserver/ptserver.c
@ -234,7 +234,8 @@ enum optionsList {
    OPT_rxbind,
    OPT_rxmaxmtu,
    OPT_dotted,
-    OPT_transarc_logs
+    OPT_transarc_logs,
+    OPT_s2s_crypt
 };

 int
@ -253,6 +254,7 @@ main(int argc, char **argv)
    afs_uint32 host = htonl(INADDR_ANY);
    struct cmd_syndesc *opts;
    struct cmd_item *list;
+    int s2s_rxgk = 0;

    char *pr_dbaseName;
    char *configDir;
@ -261,6 +263,7 @@ main(int argc, char **argv)

    char *auditFileName = NULL;
    char *interface = NULL;
+    char *s2s_crypt_behavior = NULL;

 #ifdef	AFS_AIX32_ENV
    /*
@ -364,6 +367,11 @@ main(int argc, char **argv)
 		        CMD_FLAG, CMD_OPTIONAL,
 		        "permit Kerberos 5 principals with dots");

+    /* rxgk options */
+    cmd_AddParmAtOffset(opts, OPT_s2s_crypt, "-s2scrypt", CMD_SINGLE,
+			CMD_OPTIONAL,
+			"rxgk-crypt | never");
+
    code = cmd_Parse(argc, argv, &opts);
    if (code == CMD_HELP) {
 	PT_EXIT(0);
@ -460,6 +468,20 @@ main(int argc, char **argv)
    /* rxkad options */
    cmd_OptionAsFlag(opts, OPT_dotted, &rxkadDisableDotCheck);

+    /* rxgk options */
+    if (cmd_OptionAsString(opts, OPT_s2s_crypt, &s2s_crypt_behavior) == 0) {
+	if (strcmp(s2s_crypt_behavior, "never") == 0) {
+	    /* noop; this is the default */
+	} else if (strcmp(s2s_crypt_behavior, "rxgk-crypt") == 0) {
+	    s2s_rxgk = 1;
+	} else {
+	    fprintf(stderr, "Invalid argument for -s2scrypt: %s\n", s2s_crypt_behavior);
+	    PT_EXIT(1);
+	}
+	free(s2s_crypt_behavior);
+	s2s_crypt_behavior = NULL;
+    }
+
    cmd_FreeOptions(&opts);

    if (auditFileName) {
@ -513,7 +535,13 @@ main(int argc, char **argv)
    osi_audit_set_user_check(prdir, pr_IsLocalRealmMatch);

    /* initialize ubik */
-    ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, prdir);
+    if (s2s_rxgk) {
+	ubik_SetClientSecurityProcs(afsconf_ClientAuthRXGKCrypt,
+				    afsconf_UpToDate, prdir);
+    } else {
+	ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate,
+				    prdir);
+    }
    ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects,
 				afsconf_CheckAuth, prdir);

--- a/src/ptserver/ptuser.c
+++ b/src/ptserver/ptuser.c
@ -20,6 +20,7 @@
 #include <afs/cellconfig.h>
 #include <afs/afsutil.h>
 #include <afs/com_err.h>
+#include <rx/rxgk_int.h>

 #include "ptclient.h"
 #include "ptuser.h"
@ -173,6 +174,13 @@ CreateIdList(struct idhash *idhash, idlist * alist, afs_int32 select)

 afs_int32
 pr_Initialize(IN afs_int32 secLevel, IN const char *confDir, IN char *cell)
+{
+    return pr_Initialize2(secLevel, confDir, cell, RXGK_LEVEL_BOGUS);
+}
+
+afs_int32
+pr_Initialize2(IN afs_int32 secLevel, IN const char *confDir, IN char *cell,
+	       int rxgk_level)
 {
    afs_int32 code;
    struct rx_connection *serverconns[MAXSERVERS];
@ -187,6 +195,7 @@ pr_Initialize(IN afs_int32 secLevel, IN const char *confDir, IN char *cell)
    char cellstr[64];
    afs_int32 gottdir = 0;
    afs_int32 refresh = 0;
+    int use_rxgk = 0;

    initialize_PT_error_table();
    initialize_RXK_error_table();
@ -270,10 +279,31 @@ pr_Initialize(IN afs_int32 secLevel, IN const char *confDir, IN char *cell)
 	return code;
    }

+    switch (rxgk_level) {
+    case RXGK_LEVEL_CLEAR:
+    case RXGK_LEVEL_AUTH:
+    case RXGK_LEVEL_CRYPT:
+	use_rxgk = 1;
+	if (secLevel != 2) {
+	    fprintf(stderr, "libprot: Cannot use rxgk with non-localauth right now\n");
+	    return EINVAL;
+	}
+    }
+
    /* Most callers use secLevel==1, however, the fileserver uses secLevel==2
     * to force use of the KeyFile.  secLevel == 0 implies -noauth was
     * specified. */
-    if (secLevel == 2) {
+    if (use_rxgk) {
+	switch (rxgk_level) {
+	case RXGK_LEVEL_CLEAR: code = afsconf_ClientAuthRXGKClear(tdir, &sc, &scIndex);
+			       break;
+	case RXGK_LEVEL_AUTH:  code = afsconf_ClientAuthRXGKAuth(tdir, &sc, &scIndex);
+			       break;
+	case RXGK_LEVEL_CRYPT: code = afsconf_ClientAuthRXGKCrypt(tdir, &sc, &scIndex);
+	}
+	if (code)
+	    afs_com_err(whoami, code, "(calling client rxgk)");
+    } else if (secLevel == 2) {
 	/* If secLevel is two assume we're on a file server and use
 	 * ClientAuthSecure if possible. */
 	code = afsconf_ClientAuthSecure(tdir, &sc, &scIndex);
--- a/src/ptserver/ptuser.h
+++ b/src/ptserver/ptuser.h
@ -15,6 +15,8 @@
 /* ptuser.c */
 extern afs_int32 pr_Initialize(afs_int32 secLevel, const char *confDir,
 			       char *cell);
+extern afs_int32 pr_Initialize2(afs_int32 secLevel, const char *confDir,
+				char *cell, int rxgk_level);
 extern int pr_End(void);
 extern int pr_CreateUser(prname name, afs_int32 *id) AFS_NONNULL();
 extern int pr_CreateGroup(prname name, prname owner,
--- a/src/vlserver/vlserver.c
+++ b/src/vlserver/vlserver.c
@ -158,7 +158,8 @@ enum optionsList {
    OPT_trace,
    OPT_dotted,
    OPT_restricted_query,
-    OPT_transarc_logs
+    OPT_transarc_logs,
+    OPT_s2s_crypt
 };

 int
@ -180,6 +181,7 @@ main(int argc, char **argv)
    afs_uint32 host = ntohl(INADDR_ANY);
    struct cmd_syndesc *opts;
    struct logOptions logopts;
+    int s2s_rxgk = 0;

    char *vl_dbaseName;
    char *configDir;
@ -187,6 +189,7 @@ main(int argc, char **argv)
    char *auditFileName = NULL;
    char *interface = NULL;
    char *optstring = NULL;
+    char *s2s_crypt_behavior = NULL;

    char *restricted_query_parameter = NULL;

@ -280,6 +283,11 @@ main(int argc, char **argv)
 		        CMD_FLAG, CMD_OPTIONAL,
 		        "permit Kerberos 5 principals with dots");

+    /* rxgk options */
+    cmd_AddParmAtOffset(opts, OPT_s2s_crypt, "-s2scrypt", CMD_SINGLE,
+			CMD_OPTIONAL,
+			"rxgk-crypt | never");
+
    code = cmd_Parse(argc, argv, &opts);
    if (code == CMD_HELP) {
 	exit(0);
@ -387,6 +395,20 @@ main(int argc, char **argv)
 	free(restricted_query_parameter);
    }

+    /* rxgk options */
+    if (cmd_OptionAsString(opts, OPT_s2s_crypt, &s2s_crypt_behavior) == 0) {
+	if (strcmp(s2s_crypt_behavior, "never") == 0) {
+	    /* noop; this is the default */
+	} else if (strcmp(s2s_crypt_behavior, "rxgk-crypt") == 0) {
+	    s2s_rxgk = 1;
+	} else {
+	    printf("Invalid argument for -s2scrypt: %s\n", s2s_crypt_behavior);
+	    return -1;
+	}
+	free(s2s_crypt_behavior);
+	s2s_crypt_behavior = NULL;
+    }
+
    if (auditFileName) {
 	osi_audit_file(auditFileName);
    }
@ -487,7 +509,12 @@ main(int argc, char **argv)
    rx_SetRxDeadTime(50);

    ubik_nBuffers = 512;
-    ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, tdir);
+    if (s2s_rxgk) {
+	ubik_SetClientSecurityProcs(afsconf_ClientAuthRXGKCrypt,
+				    afsconf_UpToDate, tdir);
+    } else {
+	ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, tdir);
+    }
    ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects,
 				afsconf_CheckAuth, tdir);

--- a/src/volser/vos.c
+++ b/src/volser/vos.c
@ -80,6 +80,7 @@ enum {
    COMMONPARM_OFFSET_ENCRYPT   = 29,
    COMMONPARM_OFFSET_NORESOLVE = 30,
    COMMONPARM_OFFSET_CONFIG    = 31,
+    COMMONPARM_OFFSET_RXGK      = 32,
 };

 #define COMMONPARMS \
@ -98,6 +99,8 @@ cmd_AddParmAtOffset(ts, COMMONPARM_OFFSET_NORESOLVE, \
    "-noresolve", CMD_FLAG, CMD_OPTIONAL, "don't resolve addresses"); \
 cmd_AddParmAtOffset(ts, COMMONPARM_OFFSET_CONFIG, \
    "-config", CMD_SINGLE, CMD_OPTIONAL, "config location"); \
+cmd_AddParmAtOffset(ts, COMMONPARM_OFFSET_RXGK, \
+    "-rxgk", CMD_SINGLE, CMD_OPTIONAL, "rxgk security level to use"); \

 #define ERROR_EXIT(code) do { \
    error = (code); \
@ -5930,6 +5933,7 @@ static int
 MyBeforeProc(struct cmd_syndesc *as, void *arock)
 {
    char *tcell;
+    char *rxgk_seclevel_str = NULL;
    afs_int32 code;
    int secFlags;

@ -5960,6 +5964,23 @@ MyBeforeProc(struct cmd_syndesc *as, void *arock)
    if (as->parms[COMMONPARM_OFFSET_CONFIG].items)   /* -config flag set */
 	confdir = as->parms[COMMONPARM_OFFSET_CONFIG].items->data;

+    if (cmd_OptionAsString(as, COMMONPARM_OFFSET_RXGK, &rxgk_seclevel_str) == 0) {
+	if (strcmp(rxgk_seclevel_str, "clear") == 0)
+	    secFlags |= AFSCONF_SECOPTS_ALWAYSCLEAR;
+	else if (strcmp(rxgk_seclevel_str, "auth") == 0)
+	    secFlags |= AFSCONF_SECOPTS_NEVERENCRYPT;
+	else if (strcmp(rxgk_seclevel_str, "crypt") == 0) {
+	    /* don't need to set any flags; this is the default for rxgk */
+	} else {
+	    fprintf(STDERR, "Invalid argument to -rxgk: %s\n", rxgk_seclevel_str);
+	    exit(1);
+	}
+	secFlags |= AFSCONF_SECOPTS_RXGK;
+
+	free(rxgk_seclevel_str);
+	rxgk_seclevel_str = NULL;
+    }
+
    if ((code = vsu_ClientInit(confdir, tcell, secFlags, UV_SetSecurity,
 			       &cstruct))) {
 	fprintf(STDERR, "could not initialize VLDB library (code=%lu) \n",