Create a pthreaded version of libafsutil, named liboafs_util.la,
and use this library in all of the pthreaded binaries that we build,
replacing both inclusion of libafsutil.a, and direct compliation of
pthreaded versions of the util source files.
libafsutil.a is provided for legacy LWP applications, and the
convenience library libafsutil_pic.a remains until we address the way
in which the user space cache manager is built and linked.
Change-Id: Ibdc3d6e2fe56ca6f5b882cf03991d1a2e32c62b2
Reviewed-on: http://gerrit.openafs.org/8056
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Add a missing line continuation backslash, and use the correct
location for libafs_opr.la
Change-Id: I52e44d36d9e1a9a0b3cd81c463f952072d4cbb48
Reviewed-on: http://gerrit.openafs.org/8045
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Convert opr so that it uses libtool. For backwards compatibility we
still build libopr.a, but we do so as a static convenience library.
As libopr.a may, in the future, be converted to an LWP library, change
all of the pthreaded binaries so that they link against the libtool
library liboafs_opr.la
Change-Id: Icee04ff4745334f06ffba16df5bb07fc9dcc0b54
Reviewed-on: http://gerrit.openafs.org/8034
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
Lots of our tests want to start a test RPC server, and then run
commands against it. Start to abstract out the code to do this
by pulling the code to start a test RPC server into its own
function in the common test directory.
Change-Id: Ie7fa1fa1984113f3722def17a9fd4b98993bd6ff
Reviewed-on: http://gerrit.openafs.org/7584
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Instead of bundling our own copies of Russ's C TAP Harness, start using
source pulled from his git repository using the src/external import
mechanism. Note that we are not currently building the floating
point (is_double) portion of the harness.
In the process of doing so, we also upgrade our test harness to the latest
upstream version, 1.11. This is somewhat problematic, as there have been
some significant code changes since the version bundled with OpenAFS.
Work around these by
*) Referencing the basic.h header as <tests/tap/basic.h>, rather than
just <tap/basic.h>, to match the new upstream layout
*) Changing the include path so that the tests/ directory can be
found within it.
Change-Id: I63efbb30248165e5729005b0a791e7eb7afb051d
Reviewed-on: http://gerrit.openafs.org/7374
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Russ Allbery <rra@stanford.edu>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Move the token faking code out of superuser-t.c into its own file in
tests/common, so it can be used by other tests.
Change-Id: I7b420250ef974b4b80a8dde692d2666657bb82ca
Reviewed-on: http://gerrit.openafs.org/7259
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Add krb.conf and krb.excl support to the auth cell configuration
library. Provide a function to determine if the user is local to the
cell. Provide a function to set the local realms during application
initialization. These changes are intended to replace the functions
afs_krb_get_lrealm and afs_is_foreign_ticket_name.
Change-Id: Iba57e9ffc2c958f3a4565a9352ce172189276ce9
Reviewed-on: http://gerrit.openafs.org/5744
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Instead of the current event stack, which uses a sorted linked
list, use a red/black tree to maintain the timer stack. This
dramatically improves event insertion times, at the expense of
some additional implementation complexity.
This change also adds reference counting to the rxevent
structure. We've always had a race between an event being
fired, and that event being simultaneously cancelled by
the user thread. Reference counting avoids that race resulting
in the structure appearing twice in the free list.
Change-Id: Icbef6e04e01f3eef5b888bc3cb77b7a3d1be26ae
Reviewed-on: http://gerrit.openafs.org/5841
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Move code for faking up an OpenAFS configuration directory into its
own "common" directory, as it's going to be of use to more tests than
just those in auth.
Change-Id: I9c80dd66763e222deca98bc7744ff317111c6ed8
Reviewed-on: http://gerrit.openafs.org/4806
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
A reference to the rxgk library crept into auth Makefile ahead of
time. Remove it so that tests can continue to work in trees without
rxgk.
Change-Id: Ic1392aebf657d458a55f2dcf685d0616f0573622
Reviewed-on: http://gerrit.openafs.org/4446
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
BuildServerSecurityObjects takes a set of flags, which makes it
hard to use it as a callback function. Rework this so that the
security flags are part of the afsconf directory structure, and
so BuildServerSecurityObjects only takes a rock, and its return
parameters.
Update all of the callers for this new function, and add tests
for it to the test suite.
Change-Id: I48219ed199d128c6aec3765ca425bda9e464b937
Reviewed-on: http://gerrit.openafs.org/4201
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Pull the common code for creating a configuration directory out of
the keys and superuser tests into a single file. This both cleans up
the existing tests, and makes it easier to add new ones.
Change-Id: I08058117e08da3a3baf750b3b14ef6780f942206
Reviewed-on: http://gerrit.openafs.org/4049
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Extend the KeyFile API so that we can support arbitrary numbers of
different key types, each with their own key version numbers and
sub types. Completely rewrite the KeyFile implementation with this
in mind, but implement all of the "old" API in terms of the new one.
Given that the existing KeyFile is modified by third party programs,
we retain that as the storage location for all afsconf_rxkad keys.
Only keys with a type of 1, or above are stored in the new extended
keyfile.
Change-Id: I903a1de938544541a1bfecedb2a039ba24bdfdbc
Reviewed-on: http://gerrit.openafs.org/3772
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Add tests for all of the public functions that afsconf exports
to manipulate KeyFiles. Include a sample Keyfile to start with, to
ensure that we can continue to read KeyFiles produced by current
versions of the code.
These tests are here to catch regressions with a forthcoming rewrite
of KeyFile handling.
Change-Id: I02aaff82aa7e1b7a73981c7cf26a81164e0dd932
Reviewed-on: http://gerrit.openafs.org/3598
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Add tests for the functions afsconf_SuperUser() and
afsconf_SuperIdentity(). These had been missing tests because testing
them requires starting a client and a server, so amend the superuser-t
tests so that they can start up a simple server.
Fix a number of problems that the tests expose, with setting (and
freeing) identities in corner cases.
Change-Id: I29f5f9eda7f532c98183d588e488d704f8efad88
Reviewed-on: http://gerrit.openafs.org/3593
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Extend the userok interface provided by the auth library to permit the
addition, deletion and inspection of identities within the UserList.
A number of additional functions are added, as direct replacements for
their Kerberos v4 only counterparts - these are:
*) afsconf_DeleteIdentity
*) afsconf_GetNthIdentity
*) afsconf_AddIdentity
*) afsconf_SuperIdentity
In addition, a new function is added to allow the status of any given
identity to be queried
*) afsconf_IsSuperIdentity
New form identities are stored within the same UserList file as
Kerberos v4 identities. We take advantage of the fact that the current
code skips any entry with a leading whitespace. Identities are stored as
a single line, with a leading space, followed by the integer
representation of their type (0 for Kerberos 4, 1 for GSSAPI), followed
by the base64 encoded representation of their exported name, followed by
the display name of the identity. Each field is whitespace separated.
For example:
1 BAEACwYJKoZIhvcSAQICAAAAEHN4d0BJTkYuRUQuQUMuVUs= sxw@INF.ED.AC.UK
is the representation of the GSSAPI identity "sxw@INF.ED.AC.UK"
An addition to the test suite is also provided which will test all of
the existing, and new super user manipulation functions.
Change-Id: I50648bb1ecc3037a90d623c87a60193be4f122ff
Reviewed-on: http://gerrit.openafs.org/3355
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
