Ejemplo n.º 1
0
/* returns true iff user is in the UserList file */
static int
FindUser(struct afsconf_dir *adir, register char *auser)
{
    char tbuffer[256];
    register bufio_p bp;
    char tname[64 + 1];
    register int flag;
    register afs_int32 code;
    int rc;

    strcompose(tbuffer, sizeof tbuffer, adir->name, "/", AFSDIR_ULIST_FILE,
	       NULL);
    bp = BufioOpen(tbuffer, O_RDONLY, 0);
    if (!bp)
	return 0;
    flag = 0;
    while (1) {
	/* check for our user id */
	rc = BufioGets(bp, tbuffer, sizeof(tbuffer));
	if (rc < 0)
	    break;
	code = sscanf(tbuffer, "%64s", tname);
	if (code == 1 && strcmp(tname, auser) == 0) {
	    flag = 1;
	    break;
	}
    }
    BufioClose(bp);
    return flag;
}
Ejemplo n.º 2
0
int
afsconf_IsSuperIdentity(struct afsconf_dir *adir,
			struct rx_identity *user)
{
    bufio_p bp;
    char tbuffer[1024];
    struct rx_identity fileUser;
    int match;
    afs_int32 code;

    UserListFileName(adir, tbuffer, sizeof tbuffer);
    bp = BufioOpen(tbuffer, O_RDONLY, 0);
    if (!bp)
	return 0;
    match = 0;
    while (!match) {
	code = BufioGets(bp, tbuffer, sizeof(tbuffer));
        if (code < 0)
	    break;

	code = ParseLine(tbuffer, &fileUser);
	if (code != 0)
	   break;

	match = rx_identity_match(user, &fileUser);

	rx_identity_freeContents(&fileUser);
    }
    BufioClose(bp);
    return match;
}
Ejemplo n.º 3
0
/* This is a multi-purpose funciton for use by either
 * GetNthIdentity or GetNthUser. The parameter 'id' indicates
 * whether we are counting all identities (if true), or just
 * ones which can be represented by the old-style interfaces
 * We return -1 for EOF, 0 for success, and >0 for all errors.
 */
static int
GetNthIdentityOrUser(struct afsconf_dir *dir, int count,
		     struct rx_identity **identity, int id)
{
    bufio_p bp;
    char *tbuffer;
    struct rx_identity fileUser;
    afs_int32 code;

    tbuffer = malloc(AFSDIR_PATH_MAX);
    if (tbuffer == NULL)
	return ENOMEM;

    LOCK_GLOBAL_MUTEX;
    UserListFileName(dir, tbuffer, AFSDIR_PATH_MAX);
    bp = BufioOpen(tbuffer, O_RDONLY, 0);
    if (!bp) {
	UNLOCK_GLOBAL_MUTEX;
	free(tbuffer);
	return -1;
    }
    while (1) {
	code = BufioGets(bp, tbuffer, AFSDIR_PATH_MAX);
	if (code < 0) {
	    code = -1;
	    break;
	}

	code = ParseLine(tbuffer, &fileUser);
	if (code != 0)
	    break;

	if (id || fileUser.kind == RX_ID_KRB4)
	    count--;

	if (count < 0)
	    break;
        else
	    rx_identity_freeContents(&fileUser);
    }
    if (code == 0) {
	*identity = rx_identity_copy(&fileUser);
	rx_identity_freeContents(&fileUser);
    }

    BufioClose(bp);

    UNLOCK_GLOBAL_MUTEX;
    free(tbuffer);
    return code;
}
Ejemplo n.º 4
0
/* This is a multi-purpose funciton for use by either
 * GetNthIdentity or GetNthUser. The parameter 'id' indicates
 * whether we are counting all identities (if true), or just
 * ones which can be represented by the old-style interfaces
 */
static int
GetNthIdentityOrUser(struct afsconf_dir *dir, int count,
		     struct rx_identity **identity, int id)
{
    bufio_p bp;
    char tbuffer[1024];
    struct rx_identity fileUser;
    afs_int32 code;

    LOCK_GLOBAL_MUTEX;
    UserListFileName(dir, tbuffer, sizeof(tbuffer));
    bp = BufioOpen(tbuffer, O_RDONLY, 0);
    if (!bp) {
	UNLOCK_GLOBAL_MUTEX;
	return EIO;
    }
    while (1) {
	code = BufioGets(bp, tbuffer, sizeof(tbuffer));
	if (code < 0)
	    break;

	code = ParseLine(tbuffer, &fileUser);
	if (code != 0)
	    break;

	if (id || fileUser.kind == RX_ID_KRB4)
	    count--;

	if (count < 0)
	    break;
        else
	    rx_identity_freeContents(&fileUser);
    }
    if (code == 0) {
	*identity = rx_identity_copy(&fileUser);
	rx_identity_freeContents(&fileUser);
    }

    BufioClose(bp);

    UNLOCK_GLOBAL_MUTEX;
    return code;
}
Ejemplo n.º 5
0
int
afsconf_IsSuperIdentity(struct afsconf_dir *adir,
			struct rx_identity *user)
{
    bufio_p bp;
    char *tbuffer;
    struct rx_identity fileUser;
    int match;
    afs_int32 code;

    tbuffer = malloc(AFSDIR_PATH_MAX);
    if (tbuffer == NULL)
	return 0;

    UserListFileName(adir, tbuffer, AFSDIR_PATH_MAX);
    bp = BufioOpen(tbuffer, O_RDONLY, 0);
    if (!bp) {
	free(tbuffer);
	return 0;
    }
    match = 0;
    while (!match) {
	code = BufioGets(bp, tbuffer, AFSDIR_PATH_MAX);
        if (code < 0)
	    break;

	code = ParseLine(tbuffer, &fileUser);
	if (code != 0)
	   break;

	match = rx_identity_match(user, &fileUser);

	rx_identity_freeContents(&fileUser);
    }
    BufioClose(bp);
    free(tbuffer);
    return match;
}
Ejemplo n.º 6
0
static int
readHPSSconf()
{
    int i, j, cos, code = ENOENT;
    afs_uint64 value;
    struct stat64 tstat;
    char tbuffer[256];
    char minstr[128];
    char maxstr[128];
    char tmpstr[128];
    static time_t lastVersion = 0;

    if (!initialized) {
	MUTEX_INIT(&rxosd_hpss_mutex, "rxosd hpss lock", 0, 0);
	memset(&info, 0, sizeof(info));
	initialized = 1;
    }
    sprintf(tbuffer, "%s/HPSS.conf", AFSDIR_SERVER_BIN_DIRPATH);
    if (stat64(tbuffer, &tstat) == 0) {
	code = 0;
#ifdef AFS_AIX53_ENV
	if (tstat.st_mtime > lastVersion) {
#else
	if (tstat.st_mtim.tv_sec > lastVersion) {
#endif
	    bufio_p bp = BufioOpen(tbuffer, O_RDONLY, 0);
	    if (bp) {
		while (1) {
		    j = BufioGets(bp, tbuffer, sizeof(tbuffer));
		    if (j < 0)
			break;
		    j = sscanf(tbuffer, "COS %u min %s max %s",
				 &cos, &minstr, &maxstr);
		    if (j == 3) {
		        for (i=0; i<MAXCOS; i++) {
			    if (cos == info[i].cosId)
			        break;
			    if (info[i].cosId == 0)
			        break;
		        }
		        if (i<MAXCOS) 
			    code = fillInfo(&info[i], cos, minstr, maxstr);
		    } else {
		        j = sscanf(tbuffer, "PRINCIPAL %s", &tmpstr);
			if (j == 1) {
			    strncpy(ourPrincipal, tmpstr, sizeof(ourPrincipal));
			    ourPrincipal[sizeof(ourPrincipal) -1] = 0; /*just in case */
			    continue;
			}
		        j = sscanf(tbuffer, "KEYTAB %s", &tmpstr);
			if (j == 1) {
			    strncpy(ourKeytab, tmpstr, sizeof(ourKeytab));
			    ourKeytab[sizeof(ourKeytab) -1] = 0; /*just in case */
			    continue;
			}
		        j = sscanf(tbuffer, "PATH %s", &tmpstr);
			if (j == 1) {
			    strncpy(ourPath, tmpstr, sizeof(ourPath));
			    ourPath[sizeof(ourPath) -1] = 0; /*just in case */
			    continue;
			}
		        j = sscanf(tbuffer, "LIB %s", &tmpstr);
			if (j == 1) {
			    int k;
			    for (k=0; k<MAX_HPSS_LIBS; k++) {
				if (parms.ourLibs[k] == NULL)
				    break;
				if (strcmp(parms.ourLibs[k], tmpstr) == 0)
				    goto found;
			    }
			    for (k=0; k<MAX_HPSS_LIBS; k++) { 
				if (parms.ourLibs[k] == NULL) {
				    parms.ourLibs[k] = malloc(strlen(tmpstr) + 1);
				    sprintf(parms.ourLibs[k], "%s", tmpstr);
				    break;
				}
			    }
			found:
			    continue;
			}
		    }
		}
		BufioClose(bp);
	    }
	    if (!code)
#ifdef AFS_AIX53_ENV
		lastVersion = tstat.st_mtime;
#else
		lastVersion = tstat.st_mtim.tv_sec;
#endif
	}
    }
    return code;
}

static void checkCode(afs_int32 code)
{
    /*
     * If we get a code of -13 back from HPSS something is wrong with our
     * authentication. Try to force e new authentication.
     */
    if (code == -13) 	/* permission */
	*(rxosd_var->lastAuth) = 0;
}

/* 
 * This routine is called by the FiveMinuteCcheck
 */
afs_int32 
authenticate_for_hpss(void)
{
    afs_int32 code = 0, i;
    time_t now = time(0);
    static int authenticated = 0;
    char *principal;
    char *keytab;

    code = readHPSSconf();
    if (code)
	return code;

    if (now - *(rxosd_var->lastAuth) > TWENTYDAYS) {
	if (authenticated) {
	    waiting = 1;
	    while (HPSStransactions > 0) {
	        CV_WAIT(&auth_cond, &rxosd_hpss_mutex);
	    }
	    hpss_ClientAPIReset();
	    hpss_PurgeLoginCred();
	    authenticated = 0;
	}
	principal = &ourPrincipal;
	keytab = &ourKeytab;
        code = hpss_SetLoginCred(principal, hpss_authn_mech_krb5,
                             hpss_rpc_cred_client,
                             hpss_rpc_auth_type_keytab, keytab);
        if (!code) {
	    authenticated = 1;
	    *(rxosd_var->lastAuth) = now;
	}
	waiting = 0;
        if (waiters)
	    assert(pthread_cond_broadcast(&auth_cond) == 0);
    }
    return code;
}