mirror of
https://git.openafs.org/openafs.git
synced 2025-01-18 15:00:12 +00:00
2630e70550
Each server process can log a couple of different warnings about the server keys found on disk: - If afsconf_GetLatestKey() returns success (indicating a single-DES key is present), we call LogDesWarning(). - If afsconf_CountKeys() returns 0 (indicating there are no keys at all on disk), we log a warning that all authenticated access will fail. Currently, the code to do these checks and log the relevant warning is duplicated across the startup code for nearly every server process. To avoid this duplication, and to make sure the checks aren't accidentally skipped for anyone, move these checks to afsconf_BuildServerSecurityObjects, which every server process calls. We must add an additional parameter to afsconf_BuildServerSecurityObjects to handle the different logging mechanism these servers use, but afsconf_BuildServerSecurityObjects is declared in a public header (cellconfig.h), and is exported in a public library (libafsauthent). So to avoid changing a public symbol, introduce a new variant of the function, called afsconf_BuildServerSecurityObjects_int. Declare this in a new internal header, authcon.h. We don't have easily-usable logging functions for upserver and butc, so just don't log the warnings for those. For ubik servers, don't update ubik_SetServerSecurityProcs to use the new function; the initial call to afsconf_BuildServerSecurityObjects_int in the server's startup code will cover logging the warning on startup. Change-Id: I5d5fceefdaf907f96db9f1c0d21ceb6957299a59 Reviewed-on: https://gerrit.openafs.org/10831 Tested-by: Andrew Deason <adeason@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| authcon-t.c | ||
| KeyFile | ||
| KeyFile.short | ||
| keys-t.c | ||
| Makefile.in | ||
| realms-t.c | ||
| superuser-t.c | ||
| test.xg | ||
| writekeyfile.c | ||
| writeoldkey-t | ||