Ejemplo n.º 1
0
void
libcfs_ssl_logerr(int level, SSL *ssl, int code)
{
#define ERRBUF_LEN 256
	int xcode = SSL_get_error(ssl, code);
	char sbuf[ERRBUF_LEN];

	if (ERR_error_string(ERR_get_error(), sbuf) == NULL)
		psclog_error("unable to get SSL error");
	psclog(level, "ssl error: %s (%d)", sbuf, xcode);
}
Ejemplo n.º 2
0
/**
 * pfl_socket_setnosig - Try to set "no SIGPIPE" on a socket.
 * @sock: socket file descriptor.
 */
void
pfl_socket_setnosig(int sock)
{
#ifdef SO_NOSIGPIPE
	socklen_t optsiz;
	int optval;

	optval = 1;
	optsiz = sizeof(optval);
	if (setsockopt(sock, SOL_SOCKET, SO_NOSIGPIPE,
	    &optval, optsiz) == -1)
		psclog_error("setsockopt");
#else
	(void)sock;
#endif
}
Ejemplo n.º 3
0
int
wipefs_fidns(FTSENT *f, __unusedx void *arg)
{
	int rc = 0, skiplevel = ion ? 7 : 6;
	const char *fn;

	fn = f->fts_path;
	if (f->fts_level < 1)
		return (0);
	if (f->fts_info == FTS_D || f->fts_info == FTS_DP) {
		if (f->fts_info == FTS_DP && rmdir(fn) == -1)
			psc_fatal("rmdir %s", fn);

		/*
		 * Do not descend into hardlinked directories.
		 *
		 * MDS:
		 *	0 -> dir
		 *	1 -> dir/.slmd
		 *	2 -> dir/.slmd/fidns
		 *	3 -> dir/.slmd/fidns/0
		 *	4 -> dir/.slmd/fidns/0/1
		 *	5 -> dir/.slmd/fidns/0/1/2
		 *	6 -> dir/.slmd/fidns/0/1/2/3
		 *	7 -> dir/.slmd/fidns/0/1/2/3/file
		 *
		 * IO:
		 *	0 -> dir
		 *	1 -> dir/.slmd
		 *	2 -> dir/.slmd/fsuuid
		 *	3 -> dir/.slmd/fsuuid/fidns
		 *	4 -> dir/.slmd/fsuuid/fidns/0
		 *	5 -> dir/.slmd/fsuuid/fidns/0/1
		 *	6 -> dir/.slmd/fsuuid/fidns/0/1/2
		 *	7 -> dir/.slmd/fsuuid/fidns/0/1/2/3
		 *	8 -> dir/.slmd/fsuuid/fidns/0/1/2/3/file
		 */
		else if (f->fts_level > skiplevel)
			pfl_fts_set(f, FTS_SKIP);
	} else if (unlink(fn) == -1)
		psclog_error("unlink %s", fn);
	return (rc);
}
Ejemplo n.º 4
0
int
wipefs_user(FTSENT *f, __unusedx void *arg)
{
	const char *p, *fn;
	int rc = 0;

	fn = f->fts_path;
	if (f->fts_level < 1)
		return (0);
	if (f->fts_info == FTS_D || f->fts_info == FTS_DP) {
		/* skip SLASH2 internal metadata */
		p = strrchr(fn, '/');
		if (p)
			p++;
		else
			p = fn;
		if (strcmp(p, SL_RPATH_META_DIR) == 0)
			pfl_fts_set(f, FTS_SKIP);
		else if (f->fts_info == FTS_DP && rmdir(fn) == -1)
			psc_fatal("rmdir %s", fn);
	} else if (unlink(fn) == -1)
		psclog_error("unlink %s", fn);
	return (rc);
}
Ejemplo n.º 5
0
acl_t
pfl_acl_from_xattr(const void *buf, size_t size)
{
	int i, entries;
	const struct acl_ea_header *h = buf;
	const struct acl_ea_entry *xe = PSC_AGP(h + 1, 0);
	unsigned int xperms;
	acl_permset_t permset;
	acl_entry_t e;
	acl_tag_t tag;
	acl_t a;

	if (size < sizeof(*h)) {
		errno = EINVAL;
		return (NULL);
	}
	if (le32toh(h->version) != ACL_EA_VERSION) {
		errno = EINVAL;
		return (NULL);
	}
	size -= sizeof(*h);
	if (size % sizeof(*xe)) {
		errno = EINVAL;
		return (NULL);
	}
	entries = size / sizeof(*xe);

	a = acl_init(entries);
	if (a == NULL)
		return (NULL);
	for (i = 0; i < entries; i++, xe++) {
		acl_create_entry(&a, &e);
		if (acl_get_permset(e, &permset) == -1)
			psclog_error("get_permset");
		acl_clear_perms(permset);

		xperms = le16toh(xe->perm);

		if (xperms & ACL_READ)
			acl_add_perm(permset, ACL_READ);
		if (xperms & ACL_WRITE)
			acl_add_perm(permset, ACL_WRITE);
		if (xperms & ACL_EXECUTE)
			acl_add_perm(permset, ACL_EXECUTE);
		if (acl_set_permset(e, permset) == -1)
			psclog_error("set_permset");

		acl_set_tag_type(e, tag = le16toh(xe->tag));

		switch (tag) {
		case ACL_USER: {
			uid_t uid = le32toh(xe->id);

			acl_set_qualifier(e, &uid);
			break;
		    }
		case ACL_GROUP: {
			gid_t gid = le32toh(xe->id);

			acl_set_qualifier(e, &gid);
			break;
		    }
		}
	}
	return (a);
}
Ejemplo n.º 6
0
int
sl_checkacls(acl_t a, struct srt_stat *sstb,
    const struct pscfs_creds *pcrp, int accmode)
{
	int wh, rv = EACCES, i, rc, prec = 6;
	acl_entry_t e, authz = NULL, mask = NULL;
	acl_tag_t tag;
	gid_t *gp, g;
	uid_t *up;

	wh = ACL_FIRST_ENTRY;
	while ((rc = acl_get_entry(a, wh, &e)) == 1) {
		wh = ACL_NEXT_ENTRY;

		rc = acl_get_tag_type(e, &tag);
		switch (tag) {
		case ACL_USER_OBJ:
			if (sstb->sst_uid == pcrp->pcr_uid)
				ACL_SET_PRECEDENCE(1, prec, e, authz);
			break;
		case ACL_USER:
			up = acl_get_qualifier(e);
			if (*up == pcrp->pcr_uid)
				ACL_SET_PRECEDENCE(2, prec, e, authz);
			break;

		case ACL_GROUP_OBJ:
			FOREACH_GROUP(g, i, pcrp)
				if (g == sstb->sst_gid) {
					ACL_SET_PRECEDENCE(3, prec, e,
					    authz);
					break;
				}
			break;
		case ACL_GROUP:
			gp = acl_get_qualifier(e);
			FOREACH_GROUP(g, i, pcrp)
				if (g == *gp) {
					ACL_SET_PRECEDENCE(4, prec, e,
					    authz);
					break;
				}
			break;

		case ACL_OTHER:
			ACL_SET_PRECEDENCE(5, prec, e, authz);
			break;

		case ACL_MASK:
			mask = e;
			break;

		default:
			psclog_error("acl_get_tag_type");
			break;
		}
	}
	if (rc == -1)
		psclog_error("acl_get_entry");
	else if (authz) {
		rv = ACL_AUTH(authz, accmode);
		if (prec != 1 && prec != 5 &&
		    rv == 0 && mask)
			rv = ACL_AUTH(mask, accmode);
	}
#ifdef SLOPT_POSIX_ACLS_REVERT
	else
		rv = checkcreds(sstb, pcrp, accmode);
#endif
	return (rv);
}