Beispiel #1
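/*
 * Process one command-line option and its argument.
 *
 * Updates the settings declared outside this function: port, hostName,
 * serviceName, acceptorName and acceptorSpecified.
 *
 * option: the option character ('p', 'H', 'S', 'M', 'N', 'n', 'U', 'X', 'u').
 * arg:    the option's argument; ignored by 'N' and replaced by an
 *         environment value for 'u'.
 *
 * Returns 0 on success, or -1 after printing a diagnostic to stderr.
 *
 * NOTE(review): the host/service block after the switch runs on every
 * successful call.  Once hostName or serviceName has been set, any later
 * option re-derives acceptorName from them, replacing a name imported by
 * -M/-n/-U/-X/-u/-N in the same call.  The previously imported name is not
 * released here; whether that matters depends on how callers use this
 * function.
 */
int
HandleCommonOptions(int option, char *arg)
{
    int tmp;
    OM_uint32 majStat;
    OM_uint32 minStat;

    /*
     * These options pass strlen(arg) to the import routine, so a missing
     * argument must be rejected before it is dereferenced.
     */
    if (arg == NULL &&
        (option == 'M' || option == 'n' || option == 'U' || option == 'X')) {
        fprintf(stderr, "option -%c requires a name argument.\n", option);
        return -1;
    }

    switch (option) {
    case 'p':
        if (arg == NULL || gfarmGetInt(arg, &tmp) < 0) {
            fprintf(stderr, "illegal port number.\n");
            return -1;
        }
        /* Accept only 1..65535. */
        if (tmp <= 0) {
            fprintf(stderr, "port number must be > 0.\n");
            return -1;
        } else if (tmp > 65535) {
            fprintf(stderr, "port number must be < 65536.\n");
            return -1;
        }
        port = tmp;
        break;
    case 'H':
        if (arg != NULL && *arg != '\0') {
            /*
             * Keep a private copy.  An earlier hostName value is not
             * freed because its origin is not visible from here.
             */
            char *copy = strdup(arg);

            if (copy == NULL) {
                perror("strdup");
                return -1;
            }
            hostName = copy;
        }
        break;
    case 'S':
        if (arg != NULL && *arg != '\0') {
            /* Stored by reference: arg must outlive serviceName. */
            serviceName = arg;
        }
        break;
    case 'M': /* mechanism specific name */
        if (gfarmGssImportName(&acceptorName,
                               arg, strlen(arg), GSS_C_NO_OID,
                               &majStat, &minStat) < 0) {
            fprintf(stderr, "gfarmGssImportName(GSS_C_NO_OID) failed.\n");
            gfarmGssPrintMajorStatus(majStat);
            gfarmGssPrintMinorStatus(minStat);
            return -1;
        }
        acceptorSpecified = 1;
        break;
    case 'N':
        /*
         * Explicitly selects "no name".  NOTE(review): presumably this
         * leaves the peer identity unpinned wherever acceptorName is
         * consumed; confirm against the callers.
         */
        acceptorName = GSS_C_NO_NAME;
        acceptorSpecified = 1;
        break;
    case 'n':
        if (gfarmGssImportName(&acceptorName,
                               arg, strlen(arg), GSS_C_NT_USER_NAME,
                               &majStat, &minStat) < 0) {
            fprintf(stderr, "gfarmGssImportName(GSS_C_NT_USER_NAME)"
                            " failed.\n");
            gfarmGssPrintMajorStatus(majStat);
            gfarmGssPrintMinorStatus(minStat);
            return -1;
        }
        acceptorSpecified = 1;
        break;
    case 'U':
        if (gfarmGssImportName(&acceptorName,
                               arg, strlen(arg), GSS_C_NT_STRING_UID_NAME,
                               &majStat, &minStat) < 0) {
            fprintf(stderr, "gfarmGssImportName(GSS_C_NT_STRING_UID_NAME)"
                            " failed.\n");
            gfarmGssPrintMajorStatus(majStat);
            gfarmGssPrintMinorStatus(minStat);
            return -1;
        }
        acceptorSpecified = 1;
        break;
    case 'X': /* This isn't guaranteed to work */
        if (gfarmGssImportName(&acceptorName,
                               arg, strlen(arg), GSS_C_NT_EXPORT_NAME,
                               &majStat, &minStat) < 0) {
            fprintf(stderr, "gfarmGssImportName(GSS_C_NT_EXPORT_NAME)"
                            " failed.\n");
            gfarmGssPrintMajorStatus(majStat);
            gfarmGssPrintMinorStatus(minStat);
            return -1;
        }
        acceptorSpecified = 1;
        break;
    case 'u':
        /*
         * The name comes from $USER, then $LOGNAME.  Both are set by the
         * invoking environment, so the value is a convenience default and
         * not a verified identity.
         */
        arg = getenv("USER");
        if (arg == NULL) {
            arg = getenv("LOGNAME");
        }
        if (arg == NULL) {
            fprintf(stderr, "neither $USER nor $LOGNAME is set.\n");
            return -1;
        }
        if (gfarmGssImportName(&acceptorName,
                               arg, strlen(arg), GSS_C_NT_USER_NAME,
                               &majStat, &minStat) < 0) {
            fprintf(stderr, "gfarmGssImportName(GSS_C_NT_USER_NAME)"
                            " failed.\n");
            gfarmGssPrintMajorStatus(majStat);
            gfarmGssPrintMinorStatus(minStat);
            return -1;
        }
        acceptorSpecified = 1;
        break;
    default:
        fprintf(stderr, "error happens at an option\n");
        return -1;
    }

    /* Derive the acceptor name from host and/or service once either is set. */
    if (hostName != NULL || serviceName != NULL) {
        if (hostName == NULL) {
            char buf[2048];
            char *copy;

            if (gethostname(buf, sizeof(buf)) != 0) {
                perror("gethostname");
                return -1;
            }
            /* gethostname() may leave a truncated name unterminated. */
            buf[sizeof(buf) - 1] = '\0';

            copy = strdup(buf);
            if (copy == NULL) {
                perror("strdup");
                return -1;
            }
            hostName = copy;
        }

        if (serviceName == NULL) {
            if (gfarmGssImportNameOfHost(&acceptorName,
                                         hostName, &majStat, &minStat) < 0) {
                fprintf(stderr,
                        "gfarmGssImportNameOfHost() failed with:\n");
                gfarmGssPrintMajorStatus(majStat);
                gfarmGssPrintMinorStatus(minStat);
                return -1;
            }
        } else {
            if (gfarmGssImportNameOfHostBasedService(&acceptorName,
                                                     serviceName, hostName,
                                                     &majStat, &minStat) < 0) {
                fprintf(stderr,
                        "gfarmGssImportNameOfHostBasedService() "
                        "failed with:\n");
                gfarmGssPrintMajorStatus(majStat);
                gfarmGssPrintMinorStatus(minStat);
                return -1;
            }
        }
        acceptorSpecified = 1;
    }

    return 0;
}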
Beispiel #2
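/*
 * Convert a credential configuration (type, service, name) into a GSSAPI
 * name stored through `namep'.
 *
 * type:     selects how `service' and `name' are interpreted.
 * service:  service part of a host-based name; only accepted for the host
 *           type, every other type rejects it.
 * name:     configured credential name; may be NULL where the type
 *           supplies a default (host: `hostname', user: the local user name).
 * hostname: fallback host used when the type is host and `name' is NULL.
 * namep:    receives the resulting name on success.  It is not written on
 *           the validation-error paths in this function.
 *
 * Returns NULL on success, or a pointer to a static error message
 * describing why the configuration was rejected.  The caller must not
 * free or modify the returned string.
 */
char *
gfarm_gsi_cred_config_convert_to_name(
	enum gfarm_auth_cred_type type, char *service, char *name,
	char *hostname,
	gss_name_t *namep)
{
	int rv;
	OM_uint32 e_major;
	OM_uint32 e_minor;
	gss_cred_id_t cred;

	switch (type) {
	case GFARM_AUTH_CRED_TYPE_DEFAULT:
		/*
		 * special. equivalent to GSS_C_NO_CREDENTIAL
		 * Every path here returns an error; the last message
		 * suggests callers are expected to handle the default type
		 * before calling this function.
		 */
		if (name != NULL)
			return ("cred_type is not set, but cred_name is set");
		if (service != NULL)
			return ("cred_type is not set, but cred_service is set"
			    );
		return ("internal error: missing GSS_C_NO_CREDENTIAL check");
	case GFARM_AUTH_CRED_TYPE_NO_NAME:
		if (name != NULL)
			return ("cred_type is \"no-name\", "
			    "but cred_name is set");
		if (service != NULL)
			return ("cred_type is \"no-name\", "
			    "but cred_service is set");
		*namep = GSS_C_NO_NAME;
		return (NULL);
	case GFARM_AUTH_CRED_TYPE_MECHANISM_SPECIFIC:
		if (name == NULL)
			return ("cred_type is \"mechanism-specific\", "
			    "but cred_name is not set");
		if (service != NULL)
			return ("cred_type is \"mechanism-specific\", "
			    "but cred_service is set");
		rv = gfarmGssImportName(namep, name, strlen(name),
		    GSS_C_NO_OID, &e_major, &e_minor);
		break;
	case GFARM_AUTH_CRED_TYPE_HOST:
		if (name == NULL)
			name = hostname;
		/* Do not hand a NULL host to the import routines. */
		if (name == NULL)
			return ("cred_type is \"host\", "
			    "but neither cred_name nor a hostname "
			    "is available");
		if (service == NULL) {
			rv = gfarmGssImportNameOfHost(namep, name,
			    &e_major, &e_minor);
		} else {
			rv = gfarmGssImportNameOfHostBasedService(namep,
			    service, name, &e_major, &e_minor);
		}
		break;
	case GFARM_AUTH_CRED_TYPE_USER:
		if (service != NULL)
			return ("cred_type is \"user\", "
			    "but cred_service is set");
		/*
		 * XXX FIXME: `name' must be converted from global_username
		 * to local_username, but there is no such function for now.
		 */
		if (name == NULL)
			name = gfarm_get_local_username();
		/* strlen() below must never see a NULL fallback name. */
		if (name == NULL)
			return ("cred_type is \"user\", "
			    "but the local user name is unavailable");
		rv = gfarmGssImportName(namep, name, strlen(name),
		    GSS_C_NT_USER_NAME, &e_major, &e_minor);
		break;
	case GFARM_AUTH_CRED_TYPE_SELF:
		/* special. there is no corresponding name_type in GSSAPI */
		if (name != NULL)
			return ("cred_type is \"self\", but cred_name is set");
		if (service != NULL)
			return ("cred_type is \"self\", "
			    "but cred_service is set");
		/* The name is taken from the initiator's own credential. */
		if (gfarmSecSessionGetInitiatorInitialCredential(&cred) < 0 ||
		    cred == GSS_C_NO_CREDENTIAL)
			return ("cred_type is \"self\", "
			    "but not initialized as an initiator");
		rv = gfarmGssNewCredentialName(namep, cred, &e_major,&e_minor);
		break;
	default:
		return ("internal error - invalid cred_type");
	}
	if (rv < 0) {
		/*
		 * The GSSAPI status is logged only in verbose mode.  The
		 * "gfarmGssImportName()" prefix is used for every import
		 * path above, not only for gfarmGssImportName() itself.
		 */
		if (gflog_auth_get_verbose()) {
			gflog_error("gfarmGssImportName(): "
			    "invalid credential configuration:");
			gfarmGssPrintMajorStatus(e_major);
			gfarmGssPrintMinorStatus(e_minor);
		}
		return ("invalid credential configuration");
	}
	return (NULL);
}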