static void do_client(const char *server, short port, char *filename, afs_int32 command, afs_int32 times, afs_int32 bytes, afs_int32 sendbytes, afs_int32 readbytes, int dumpstats, int nojumbo, int maxmtu, int maxwsize, int minpeertimeout, int udpbufsz, int nostats, int hotthread, int threads) { struct rx_connection *conn; afs_uint32 addr; struct rx_securityClass *secureobj; int secureindex; int ret; char stamp[2048]; struct client_data *params; #ifdef AFS_PTHREAD_ENV int i; pthread_t thread[MAX_THREADS]; pthread_attr_t tattr; void *status; #endif params = malloc(sizeof(struct client_data)); memset(params, 0, sizeof(struct client_data)); #ifdef AFS_NT40_ENV if (afs_winsockInit() < 0) { printf("Can't initialize winsock.\n"); exit(1); } #endif if (hotthread) rx_EnableHotThread(); if (nostats) rx_enable_stats = 0; addr = str2addr(server); rx_SetUdpBufSize(udpbufsz); ret = rx_Init(0); if (ret) errx(1, "rx_Init failed"); if (nojumbo) rx_SetNoJumbo(); if (maxmtu) rx_SetMaxMTU(maxmtu); if (maxwsize) { rx_SetMaxReceiveWindow(maxwsize); rx_SetMaxSendWindow(maxwsize); } if (minpeertimeout) rx_SetMinPeerTimeout(minpeertimeout); get_sec(0, &secureobj, &secureindex); switch (command) { case RX_PERF_RPC: sprintf(stamp, "RPC: threads\t%d, times\t%d, write bytes\t%d, read bytes\t%d", threads, times, sendbytes, readbytes); break; case RX_PERF_RECV: sprintf(stamp, "RECV: threads\t%d, times\t%d, bytes\t%d", threads, times, bytes); break; case RX_PERF_SEND: sprintf(stamp, "SEND: threads\t%d, times\t%d, bytes\t%d", threads, times, bytes); break; case RX_PERF_FILE: sprintf(stamp, "FILE %s: threads\t%d, times\t%d, bytes\t%d", filename, threads, times, bytes); break; } conn = rx_NewConnection(addr, htons(port), RX_SERVER_ID, secureobj, secureindex); if (conn == NULL) errx(1, "failed to contact server"); #ifdef AFS_PTHREAD_ENV pthread_attr_init(&tattr); pthread_attr_setdetachstate(&tattr, PTHREAD_CREATE_JOINABLE); #endif params->conn = conn; params->filename = filename; params->command = command; params->times = times; params->bytes = bytes; params->sendbytes = sendbytes; params->readbytes = readbytes; start_timer(); #ifdef AFS_PTHREAD_ENV for ( i=0; i<threads; i++) { pthread_create(&thread[i], &tattr, client_thread, params); if ( (i + 1) % RX_MAXCALLS == 0 ) { conn = rx_NewConnection(addr, htons(port), RX_SERVER_ID, secureobj, secureindex); if (conn != NULL) { struct client_data *new_params = malloc(sizeof(struct client_data)); memcpy(new_params, params, sizeof(struct client_data)); new_params->conn = conn; params = new_params; } } } #else client_thread(params); #endif #ifdef AFS_PTHREAD_ENV for ( i=0; i<threads; i++) pthread_join(thread[i], &status); #endif switch (command) { case RX_PERF_RPC: end_and_print_timer(stamp, (long long)threads*times*(sendbytes+readbytes)); break; case RX_PERF_RECV: case RX_PERF_SEND: case RX_PERF_FILE: end_and_print_timer(stamp, (long long)threads*times*bytes); break; } DBFPRINT(("done for good\n")); if (dumpstats) { rx_PrintStats(stdout); rx_PrintPeerStats(stdout, conn->peer); } rx_Finalize(); #ifdef AFS_PTHREAD_ENV pthread_attr_destroy(&tattr); #endif free(params); }
int main(int argc, char **argv, char **envp) { struct rx_service *tservice; afs_int32 code; struct afsconf_dir *tdir; int noAuth = 0; int i; char namebuf[AFSDIR_PATH_MAX]; int rxMaxMTU = -1; afs_uint32 host = htonl(INADDR_ANY); char *auditFileName = NULL; struct rx_securityClass **securityClasses; afs_int32 numClasses; #ifndef AFS_NT40_ENV int nofork = 0; struct stat sb; #endif #ifdef AFS_AIX32_ENV struct sigaction nsa; /* for some reason, this permits user-mode RX to run a lot faster. * we do it here in the bosserver, so we don't have to do it * individually in each server. */ tweak_config(); /* * The following signal action for AIX is necessary so that in case of a * crash (i.e. core is generated) we can include the user's data section * in the core dump. Unfortunately, by default, only a partial core is * generated which, in many cases, isn't too useful. */ sigemptyset(&nsa.sa_mask); nsa.sa_handler = SIG_DFL; nsa.sa_flags = SA_FULLDUMP; sigaction(SIGSEGV, &nsa, NULL); sigaction(SIGABRT, &nsa, NULL); #endif osi_audit_init(); signal(SIGFPE, bozo_insecureme); #ifdef AFS_NT40_ENV /* Initialize winsock */ if (afs_winsockInit() < 0) { ReportErrorEventAlt(AFSEVT_SVR_WINSOCK_INIT_FAILED, 0, argv[0], 0); fprintf(stderr, "%s: Couldn't initialize winsock.\n", argv[0]); exit(2); } #endif /* Initialize dirpaths */ if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) { #ifdef AFS_NT40_ENV ReportErrorEventAlt(AFSEVT_SVR_NO_INSTALL_DIR, 0, argv[0], 0); #endif fprintf(stderr, "%s: Unable to obtain AFS server directory.\n", argv[0]); exit(2); } /* some path inits */ bozo_fileName = AFSDIR_SERVER_BOZCONF_FILEPATH; DoCore = AFSDIR_SERVER_LOGS_DIRPATH; /* initialize the list of dirpaths that the bosserver has * an interest in monitoring */ initBosEntryStats(); #if defined(AFS_SGI_ENV) /* offer some protection if AFS isn't loaded */ if (syscall(AFS_SYSCALL, AFSOP_ENDLOG) < 0 && errno == ENOPKG) { printf("bosserver: AFS doesn't appear to be configured in O.S..\n"); exit(1); } #endif #ifndef AFS_NT40_ENV /* save args for restart */ bozo_argc = argc; bozo_argv = malloc((argc+1) * sizeof(char*)); if (!bozo_argv) { fprintf(stderr, "%s: Failed to allocate argument list.\n", argv[0]); exit(1); } bozo_argv[0] = (char*)AFSDIR_SERVER_BOSVR_FILEPATH; /* expected path */ bozo_argv[bozo_argc] = NULL; /* null terminate list */ #endif /* AFS_NT40_ENV */ /* parse cmd line */ for (code = 1; code < argc; code++) { #ifndef AFS_NT40_ENV bozo_argv[code] = argv[code]; #endif /* AFS_NT40_ENV */ if (strcmp(argv[code], "-noauth") == 0) { /* set noauth flag */ noAuth = 1; } else if (strcmp(argv[code], "-log") == 0) { /* set extra logging flag */ DoLogging = 1; } #ifndef AFS_NT40_ENV else if (strcmp(argv[code], "-syslog") == 0) { /* set syslog logging flag */ DoSyslog = 1; } else if (strncmp(argv[code], "-syslog=", 8) == 0) { DoSyslog = 1; DoSyslogFacility = atoi(argv[code] + 8); } else if (strncmp(argv[code], "-cores=", 7) == 0) { if (strcmp((argv[code]+7), "none") == 0) DoCore = 0; else DoCore = (argv[code]+7); } else if (strcmp(argv[code], "-nofork") == 0) { nofork = 1; } #endif else if (strcmp(argv[code], "-enable_peer_stats") == 0) { rx_enablePeerRPCStats(); } else if (strcmp(argv[code], "-enable_process_stats") == 0) { rx_enableProcessRPCStats(); } else if (strcmp(argv[code], "-restricted") == 0) { bozo_isrestricted = 1; } else if (strcmp(argv[code], "-rxbind") == 0) { rxBind = 1; } else if (strcmp(argv[code], "-allow-dotted-principals") == 0) { rxkadDisableDotCheck = 1; } else if (!strcmp(argv[code], "-rxmaxmtu")) { if ((code + 1) >= argc) { fprintf(stderr, "missing argument for -rxmaxmtu\n"); exit(1); } rxMaxMTU = atoi(argv[++code]); } else if (strcmp(argv[code], "-auditlog") == 0) { auditFileName = argv[++code]; } else if (strcmp(argv[code], "-audit-interface") == 0) { char *interface = argv[++code]; if (osi_audit_interface(interface)) { printf("Invalid audit interface '%s'\n", interface); exit(1); } } else if (strncmp(argv[code], "-pidfiles=", 10) == 0) { DoPidFiles = (argv[code]+10); } else if (strncmp(argv[code], "-pidfiles", 9) == 0) { DoPidFiles = AFSDIR_BOSCONFIG_DIR; } else { /* hack to support help flag */ #ifndef AFS_NT40_ENV printf("Usage: bosserver [-noauth] [-log] " "[-auditlog <log path>] " "[-audit-interafce <file|sysvmq> (default is file)] " "[-rxmaxmtu <bytes>] [-rxbind] [-allow-dotted-principals]" "[-syslog[=FACILITY]] " "[-restricted] " "[-enable_peer_stats] [-enable_process_stats] " "[-cores=<none|path>] \n" "[-pidfiles[=path]] " "[-nofork] " "[-help]\n"); #else printf("Usage: bosserver [-noauth] [-log] " "[-auditlog <log path>] " "[-audit-interafce <file|sysvmq> (default is file)] " "[-rxmaxmtu <bytes>] [-rxbind] [-allow-dotted-principals]" "[-restricted] " "[-enable_peer_stats] [-enable_process_stats] " "[-cores=<none|path>] \n" "[-pidfiles[=path]] " "[-help]\n"); #endif fflush(stdout); exit(0); } } if (auditFileName) { osi_audit_file(auditFileName); } #ifndef AFS_NT40_ENV if (geteuid() != 0) { printf("bosserver: must be run as root.\n"); exit(1); } #endif code = bnode_Init(); if (code) { printf("bosserver: could not init bnode package, code %d\n", code); exit(1); } bnode_Register("fs", &fsbnode_ops, 3); bnode_Register("dafs", &dafsbnode_ops, 4); bnode_Register("simple", &ezbnode_ops, 1); bnode_Register("cron", &cronbnode_ops, 2); /* create useful dirs */ CreateDirs(DoCore); /* chdir to AFS log directory */ if (DoCore) chdir(DoCore); else chdir(AFSDIR_SERVER_LOGS_DIRPATH); #if 0 fputs(AFS_GOVERNMENT_MESSAGE, stdout); fflush(stdout); #endif /* go into the background and remove our controlling tty, close open file desriptors */ #ifndef AFS_NT40_ENV if (!nofork) daemon(1, 0); #endif /* ! AFS_NT40_ENV */ if ((!DoSyslog) #ifndef AFS_NT40_ENV && ((lstat(AFSDIR_BOZLOG_FILE, &sb) == 0) && !(S_ISFIFO(sb.st_mode))) #endif ) { strcpy(namebuf, AFSDIR_BOZLOG_FILE); strcat(namebuf, ".old"); renamefile(AFSDIR_BOZLOG_FILE, namebuf); /* try rename first */ bozo_logFile = fopen(AFSDIR_BOZLOG_FILE, "a"); if (!bozo_logFile) { printf("bosserver: can't initialize log file (%s).\n", AFSDIR_SERVER_BOZLOG_FILEPATH); exit(1); } /* keep log closed normally, so can be removed */ fclose(bozo_logFile); } else { #ifndef AFS_NT40_ENV openlog("bosserver", LOG_PID, DoSyslogFacility); #endif } #if defined(RLIMIT_CORE) && defined(HAVE_GETRLIMIT) { struct rlimit rlp; getrlimit(RLIMIT_CORE, &rlp); if (!DoCore) rlp.rlim_cur = 0; else rlp.rlim_max = rlp.rlim_cur = RLIM_INFINITY; setrlimit(RLIMIT_CORE, &rlp); getrlimit(RLIMIT_CORE, &rlp); bozo_Log("Core limits now %d %d\n",(int)rlp.rlim_cur,(int)rlp.rlim_max); } #endif /* Write current state of directory permissions to log file */ DirAccessOK(); if (rxBind) { afs_int32 ccode; if (AFSDIR_SERVER_NETRESTRICT_FILEPATH || AFSDIR_SERVER_NETINFO_FILEPATH) { char reason[1024]; ccode = parseNetFiles(SHostAddrs, NULL, NULL, ADDRSPERSITE, reason, AFSDIR_SERVER_NETINFO_FILEPATH, AFSDIR_SERVER_NETRESTRICT_FILEPATH); } else { ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE); } if (ccode == 1) host = SHostAddrs[0]; } for (i = 0; i < 10; i++) { if (rxBind) { code = rx_InitHost(host, htons(AFSCONF_NANNYPORT)); } else { code = rx_Init(htons(AFSCONF_NANNYPORT)); } if (code) { bozo_Log("can't initialize rx: code=%d\n", code); sleep(3); } else break; } if (i >= 10) { bozo_Log("Bos giving up, can't initialize rx\n"); exit(code); } /* Disable jumbograms */ rx_SetNoJumbo(); if (rxMaxMTU != -1) { if (rx_SetMaxMTU(rxMaxMTU) != 0) { bozo_Log("bosserver: rxMaxMTU %d is invalid\n", rxMaxMTU); exit(1); } } code = LWP_CreateProcess(BozoDaemon, BOZO_LWP_STACKSIZE, /* priority */ 1, /* param */ NULL , "bozo-the-clown", &bozo_pid); /* try to read the key from the config file */ tdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH); if (!tdir) { /* try to create local cell config file */ struct afsconf_cell tcell; strcpy(tcell.name, "localcell"); tcell.numServers = 1; code = gethostname(tcell.hostName[0], MAXHOSTCHARS); if (code) { bozo_Log("failed to get hostname, code %d\n", errno); exit(1); } if (tcell.hostName[0][0] == 0) { bozo_Log("host name not set, can't start\n"); bozo_Log("try the 'hostname' command\n"); exit(1); } memset(tcell.hostAddr, 0, sizeof(tcell.hostAddr)); /* not computed */ code = afsconf_SetCellInfo(bozo_confdir, AFSDIR_SERVER_ETC_DIRPATH, &tcell); if (code) { bozo_Log ("could not create cell database in '%s' (code %d), quitting\n", AFSDIR_SERVER_ETC_DIRPATH, code); exit(1); } tdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH); if (!tdir) { bozo_Log ("failed to open newly-created cell database, quitting\n"); exit(1); } } /* initialize audit user check */ osi_audit_set_user_check(tdir, bozo_IsLocalRealmMatch); /* read init file, starting up programs */ if ((code = ReadBozoFile(0))) { bozo_Log ("bosserver: Something is wrong (%d) with the bos configuration file %s; aborting\n", code, AFSDIR_SERVER_BOZCONF_FILEPATH); exit(code); } bozo_CreateRxBindFile(host); /* for local scripts */ /* opened the cell databse */ bozo_confdir = tdir; /* allow super users to manage RX statistics */ rx_SetRxStatUserOk(bozo_rxstat_userok); afsconf_SetNoAuthFlag(tdir, noAuth); afsconf_BuildServerSecurityObjects(tdir, &securityClasses, &numClasses); if (DoPidFiles) { bozo_CreatePidFile("bosserver", NULL, getpid()); } tservice = rx_NewServiceHost(host, 0, /* service id */ 1, "bozo", securityClasses, numClasses, BOZO_ExecuteRequest); rx_SetMinProcs(tservice, 2); rx_SetMaxProcs(tservice, 4); rx_SetStackSize(tservice, BOZO_LWP_STACKSIZE); /* so gethostbyname works (in cell stuff) */ if (rxkadDisableDotCheck) { rx_SetSecurityConfiguration(tservice, RXS_CONFIG_FLAGS, (void *)RXS_CONFIG_FLAGS_DISABLE_DOTCHECK); } tservice = rx_NewServiceHost(host, 0, RX_STATS_SERVICE_ID, "rpcstats", securityClasses, numClasses, RXSTATS_ExecuteRequest); rx_SetMinProcs(tservice, 2); rx_SetMaxProcs(tservice, 4); rx_StartServer(1); /* donate this process */ return 0; }
static void do_server(short port, int nojumbo, int maxmtu, int maxwsize, int minpeertimeout, int udpbufsz, int nostats, int hotthread, int minprocs, int maxprocs) { struct rx_service *service; struct rx_securityClass *secureobj; int secureindex; int ret; #ifdef AFS_NT40_ENV if (afs_winsockInit() < 0) { printf("Can't initialize winsock.\n"); exit(1); } #endif if (hotthread) rx_EnableHotThread(); if (nostats) rx_enable_stats = 0; rx_SetUdpBufSize(udpbufsz); ret = rx_Init(htons(port)); if (ret) errx(1, "rx_Init failed"); if (nojumbo) rx_SetNoJumbo(); if (maxmtu) rx_SetMaxMTU(maxmtu); if (maxwsize) { rx_SetMaxReceiveWindow(maxwsize); rx_SetMaxSendWindow(maxwsize); } if (minpeertimeout) rx_SetMinPeerTimeout(minpeertimeout); get_sec(1, &secureobj, &secureindex); service = rx_NewService(0, RX_SERVER_ID, "rxperf", &secureobj, secureindex, rxperf_ExecuteRequest); if (service == NULL) errx(1, "Cant create server"); rx_SetMinProcs(service, minprocs); rx_SetMaxProcs(service, maxprocs); rx_SetCheckReach(service, 1); rx_StartServer(1); abort(); }
int fsprobe_Init(int a_numServers, struct sockaddr_in *a_socketArray, int a_ProbeFreqInSecs, int (*a_ProbeHandler)(void), int a_debug) { /*fsprobe_Init */ static char rn[] = "fsprobe_Init"; /*Routine name */ register afs_int32 code; /*Return value */ static struct rx_securityClass *CBsecobj; /*Callback security object */ struct rx_securityClass *secobj; /*Client security object */ struct rx_service *rxsrv_afsserver; /*Server for AFS */ int arg_errfound; /*Argument error found? */ int curr_srv; /*Current server idx */ struct fsprobe_ConnectionInfo *curr_conn; /*Ptr to current conn */ char *hostNameFound; /*Ptr to returned host name */ int conn_err; /*Connection error? */ int PortToUse; /*Callback port to use */ /* * If we've already been called, snicker at the bozo, gently * remind him of his doubtful heritage, and return success. */ if (fsprobe_initflag) { fprintf(stderr, "[%s] Called multiple times!\n", rn); return (0); } else fsprobe_initflag = 1; /* * Check the parameters for bogosities. */ arg_errfound = 0; if (a_numServers <= 0) { fprintf(stderr, "[%s] Illegal number of servers: %d\n", rn, a_numServers); arg_errfound = 1; } if (a_socketArray == (struct sockaddr_in *)0) { fprintf(stderr, "[%s] Null server socket array argument\n", rn); arg_errfound = 1; } if (a_ProbeFreqInSecs <= 0) { fprintf(stderr, "[%s] Illegal probe frequency: %d\n", rn, a_ProbeFreqInSecs); arg_errfound = 1; } if (a_ProbeHandler == (int (*)())0) { fprintf(stderr, "[%s] Null probe handler function argument\n", rn); arg_errfound = 1; } if (arg_errfound) return (-1); /* * Record our passed-in info. */ fsprobe_debug = a_debug; fsprobe_numServers = a_numServers; fsprobe_Handler = a_ProbeHandler; fsprobe_ProbeFreqInSecs = a_ProbeFreqInSecs; /* * Get ready in case we have to do a cleanup - basically, zero * everything out. */ fsprobe_CleanupInit(); /* * Allocate the necessary data structures and initialize everything * else. */ fsprobe_ConnInfo = (struct fsprobe_ConnectionInfo *) malloc(a_numServers * sizeof(struct fsprobe_ConnectionInfo)); if (fsprobe_ConnInfo == (struct fsprobe_ConnectionInfo *)0) { fprintf(stderr, "[%s] Can't allocate %d connection info structs (%"AFS_SIZET_FMT" bytes)\n", rn, a_numServers, (a_numServers * sizeof(struct fsprobe_ConnectionInfo))); return (-1); /*No cleanup needs to be done yet */ } #if 0 else fprintf(stderr, "[%s] fsprobe_ConnInfo allocated (%d bytes)\n", rn, a_numServers * sizeof(struct fsprobe_ConnectionInfo)); #endif /* 0 */ fsprobe_statsBytes = a_numServers * sizeof(struct ProbeViceStatistics); fsprobe_Results.stats = (struct ProbeViceStatistics *) malloc(fsprobe_statsBytes); if (fsprobe_Results.stats == NULL) { fprintf(stderr, "[%s] Can't allocate %d statistics structs (%d bytes)\n", rn, a_numServers, fsprobe_statsBytes); fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } else if (fsprobe_debug) fprintf(stderr, "[%s] fsprobe_Results.stats allocated (%d bytes)\n", rn, fsprobe_statsBytes); fsprobe_probeOKBytes = a_numServers * sizeof(int); fsprobe_Results.probeOK = (int *)malloc(fsprobe_probeOKBytes); if (fsprobe_Results.probeOK == (int *)0) { fprintf(stderr, "[%s] Can't allocate %d probeOK array entries (%d bytes)\n", rn, a_numServers, fsprobe_probeOKBytes); fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } else if (fsprobe_debug) fprintf(stderr, "[%s] fsprobe_Results.probeOK allocated (%d bytes)\n", rn, fsprobe_probeOKBytes); fsprobe_Results.probeNum = 0; fsprobe_Results.probeTime = 0; memset(fsprobe_Results.stats, 0, (a_numServers * sizeof(struct ProbeViceStatistics))); /* * Initialize the Rx subsystem, just in case nobody's done it. */ if (fsprobe_debug) fprintf(stderr, "[%s] Initializing Rx\n", rn); PortToUse = FSPROBE_CBPORT; do { code = rx_Init(htons(PortToUse)); if (code) { if (code == RX_ADDRINUSE) { if (fsprobe_debug) fprintf(stderr, "[%s] Callback port %d in use, advancing\n", rn, PortToUse); PortToUse++; } else { fprintf(stderr, "[%s] Fatal error in rx_Init()\n", rn); return (-1); } } } while (code); if (fsprobe_debug) fprintf(stderr, "[%s] Rx initialized on port %d\n", rn, PortToUse); /* * Create a null Rx server security object, to be used by the * Callback listener. */ CBsecobj = rxnull_NewServerSecurityObject(); if (CBsecobj == (struct rx_securityClass *)0) { fprintf(stderr, "[%s] Can't create null security object for the callback listener.\n", rn); fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } if (fsprobe_debug) fprintf(stderr, "[%s] Callback server security object created\n", rn); /* * Create a null Rx client security object, to be used by the * probe LWP. */ secobj = rxnull_NewClientSecurityObject(); if (secobj == (struct rx_securityClass *)0) { fprintf(stderr, "[%s] Can't create client security object for probe LWP.\n", rn); fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } if (fsprobe_debug) fprintf(stderr, "[%s] Probe LWP client security object created\n", rn); curr_conn = fsprobe_ConnInfo; conn_err = 0; for (curr_srv = 0; curr_srv < a_numServers; curr_srv++) { /* * Copy in the socket info for the current server, resolve its * printable name if possible. */ if (fsprobe_debug) { fprintf(stderr, "[%s] Copying in the following socket info:\n", rn); fprintf(stderr, "[%s] IP addr 0x%x, port %d\n", rn, (a_socketArray + curr_srv)->sin_addr.s_addr, (a_socketArray + curr_srv)->sin_port); } memcpy(&(curr_conn->skt), a_socketArray + curr_srv, sizeof(struct sockaddr_in)); hostNameFound = hostutil_GetNameByINet(curr_conn->skt.sin_addr.s_addr); if (hostNameFound == NULL) { fprintf(stderr, "[%s] Can't map Internet address %u to a string name\n", rn, curr_conn->skt.sin_addr.s_addr); curr_conn->hostName[0] = '\0'; } else { strcpy(curr_conn->hostName, hostNameFound); if (fsprobe_debug) fprintf(stderr, "[%s] Host name for server index %d is %s\n", rn, curr_srv, curr_conn->hostName); } /* * Make an Rx connection to the current server. */ if (fsprobe_debug) fprintf(stderr, "[%s] Connecting to srv idx %d, IP addr 0x%x, port %d, service 1\n", rn, curr_srv, curr_conn->skt.sin_addr.s_addr, curr_conn->skt.sin_port); curr_conn->rxconn = rx_NewConnection(curr_conn->skt.sin_addr.s_addr, /*Server addr */ curr_conn->skt.sin_port, /*Server port */ 1, /*AFS service num */ secobj, /*Security object */ 0); /*Number of above */ if (curr_conn->rxconn == (struct rx_connection *)0) { fprintf(stderr, "[%s] Can't create Rx connection to server %s (%u)\n", rn, curr_conn->hostName, curr_conn->skt.sin_addr.s_addr); conn_err = 1; } if (fsprobe_debug) fprintf(stderr, "[%s] New connection at %p\n", rn, curr_conn->rxconn); /* * Make an Rx connection to the current volume server. */ if (fsprobe_debug) fprintf(stderr, "[%s] Connecting to srv idx %d, IP addr 0x%x, port %d, service 1\n", rn, curr_srv, curr_conn->skt.sin_addr.s_addr, htons(7005)); curr_conn->rxVolconn = rx_NewConnection(curr_conn->skt.sin_addr.s_addr, /*Server addr */ htons(AFSCONF_VOLUMEPORT), /*Volume Server port */ VOLSERVICE_ID, /*AFS service num */ secobj, /*Security object */ 0); /*Number of above */ if (curr_conn->rxVolconn == (struct rx_connection *)0) { fprintf(stderr, "[%s] Can't create Rx connection to volume server %s (%u)\n", rn, curr_conn->hostName, curr_conn->skt.sin_addr.s_addr); conn_err = 1; } else { int i, cnt; memset(&curr_conn->partList, 0, sizeof(struct partList)); curr_conn->partCnt = 0; i = XListPartitions(curr_conn->rxVolconn, &curr_conn->partList, &cnt); if (!i) { curr_conn->partCnt = cnt; } } if (fsprobe_debug) fprintf(stderr, "[%s] New connection at %p\n", rn, curr_conn->rxVolconn); /* * Bump the current fsprobe connection to set up. */ curr_conn++; } /*for curr_srv */ /* * Create the AFS callback service (listener). */ if (fsprobe_debug) fprintf(stderr, "[%s] Creating AFS callback listener\n", rn); rxsrv_afsserver = rx_NewService(0, /*Use default port */ 1, /*Service ID */ "afs", /*Service name */ &CBsecobj, /*Ptr to security object(s) */ 1, /*Number of security objects */ RXAFSCB_ExecuteRequest); /*Dispatcher */ if (rxsrv_afsserver == (struct rx_service *)0) { fprintf(stderr, "[%s] Can't create callback Rx service/listener\n", rn); fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } if (fsprobe_debug) fprintf(stderr, "[%s] Callback listener created\n", rn); /* * Start up the AFS callback service. */ if (fsprobe_debug) fprintf(stderr, "[%s] Starting up callback listener.\n", rn); rx_StartServer(0 /*Don't donate yourself to LWP pool */ ); /* * Start up the probe LWP. */ if (fsprobe_debug) fprintf(stderr, "[%s] Creating the probe LWP\n", rn); code = LWP_CreateProcess(fsprobe_LWP, /*Function to start up */ LWP_STACK_SIZE, /*Stack size in bytes */ 1, /*Priority */ (void *)0, /*Parameters */ "fsprobe Worker", /*Name to use */ &probeLWP_ID); /*Returned LWP process ID */ if (code) { fprintf(stderr, "[%s] Can't create fsprobe LWP! Error is %d\n", rn, code); fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */ return (code); } if (fsprobe_debug) fprintf(stderr, "[%s] Probe LWP process structure located at %p\n", rn, probeLWP_ID); #if 0 /* * Do I need to do this? */ if (fsprobe_debug) fprintf(stderr, "[%s] Calling osi_Wakeup()\n", rn); osi_Wakeup(&rxsrv_afsserver); /*Wake up anyone waiting for it */ #endif /* 0 */ /* * Return the final results. */ if (conn_err) return (-2); else return (0); } /*fsprobe_Init */
void startClient(char *configPath) { struct afsconf_dir *dir; struct rx_identity *testId, *anotherId, *extendedId, *dummy; struct rx_securityClass *class; struct rx_connection *conn; afs_uint32 startTime; char ubuffer[256]; afs_int32 classIndex; int code; struct hostent *he; afs_uint32 addr; afs_int32 result; char *string = NULL; plan(63); dir = afsconf_Open(configPath); ok(dir!=NULL, "Configuration directory opened sucessfully by client"); /* Add a normal user to the super user file */ ok(afsconf_AddUser(dir, "test") == 0, "Adding a simple user works"); testId = rx_identity_new(RX_ID_KRB4, "test", "test", strlen("test")); /* Check that they are a super user */ ok(afsconf_IsSuperIdentity(dir, testId), "User added with old i/face is identitifed as super user"); /* Check that nobody else is */ ok(!afsconf_IsSuperIdentity(dir, rx_identity_new(RX_ID_KRB4, "testy", "testy", strlen("testy"))), "Additional users are not super users"); ok(afsconf_AddUser(dir, "test") == EEXIST, "Adding a user that already exists fails"); ok(afsconf_AddIdentity(dir, testId) == EEXIST, "Adding an identity that already exists fails"); anotherId = rx_identity_new(RX_ID_KRB4, "another", "another", strlen("another")); /* Add another normal user, but using the extended interface */ ok(afsconf_AddIdentity(dir, anotherId) == 0, "Adding a KRB4 identity works"); /* Check that they are a super user */ ok(afsconf_IsSuperIdentity(dir, anotherId), "User added with new i/face is identitifed as super user"); ok(afsconf_AddIdentity(dir, anotherId) == EEXIST, "Adding a KRB4 identity that already exists fails"); /* Add an extended user to the super user file */ extendedId = rx_identity_new(RX_ID_GSS, "*****@*****.**", "\x04\x01\x00\x0B\x06\x09\x2A\x86\x48\x86\xF7\x12\x01\x02\x02\x00\x00\x00\[email protected]", 35); ok(afsconf_AddIdentity(dir, extendedId) == 0, "Adding a GSSAPI identity works"); /* Check that they are now special */ ok(afsconf_IsSuperIdentity(dir, extendedId), "Added GSSAPI identity is a super user"); /* Check that display name isn't used for matches */ ok(!afsconf_IsSuperIdentity(dir, rx_identity_new(RX_ID_GSS, "*****@*****.**", "abcdefghijklmnopqrstuvwxyz123456789", 35)), "Display name is not used for extended matches"); ok(afsconf_AddIdentity(dir, extendedId) == EEXIST, "Adding GSSAPI identity twice fails"); /* Add a final normal user, so we can check that iteration works */ /* Add a normal user to the super user file */ ok(afsconf_AddUser(dir, "test2") == 0, "Adding another simple user works"); testOriginalIterator(dir, 0, "test"); testOriginalIterator(dir, 1, "another"); testOriginalIterator(dir, 2, "test2"); ok(afsconf_GetNthUser(dir, 3, ubuffer, sizeof ubuffer) != 0, "Reading past the end of the superuser list fails"); testNewIterator(dir, 0, testId); testNewIterator(dir, 1, anotherId); testNewIterator(dir, 2, extendedId); testNewIterator(dir, 3, rx_identity_new(RX_ID_KRB4, "test2", "test2", strlen("test2"))); ok(afsconf_GetNthIdentity(dir, 4, &dummy) != 0, "Reading past the end of the superuser list fails"); ok(afsconf_DeleteUser(dir, "notthere") != 0, "Deleting a user that doesn't exist fails"); /* Delete the normal user */ ok(afsconf_DeleteUser(dir, "another") == 0, "Deleting normal user works"); ok(!afsconf_IsSuperIdentity(dir, anotherId), "Deleted user is no longer super user"); ok(afsconf_IsSuperIdentity(dir, testId) && afsconf_IsSuperIdentity(dir, extendedId), "Other identities still are"); ok(afsconf_DeleteIdentity(dir, extendedId) == 0, "Deleting identity works"); ok(!afsconf_IsSuperIdentity(dir, extendedId), "Deleted identity is no longer special"); /* Now, what happens if we're doing something over the network instead */ code = rx_Init(0); is_int(code, 0, "Initialised RX"); /* Fake up an rx ticket. Note that this will be for the magic 'superuser' */ code = afsconf_ClientAuth(dir, &class, &classIndex); is_int(code, 0, "Can successfully create superuser token"); /* Start a connection to our test service with it */ he = gethostbyname("localhost"); if (!he) { printf("Couldn't look up server hostname"); exit(1); } memcpy(&addr, he->h_addr, sizeof(afs_uint32)); conn = rx_NewConnection(addr, htons(TEST_PORT), TEST_SERVICE_ID, class, classIndex); /* There's nothing in the list, so this just succeeds because we can */ code = TEST_CanI(conn, &result); is_int(0, code, "Can run a simple RPC"); code = TEST_WhoAmI(conn, &string); is_int(0, code, "Can get identity back"); is_string("<LocalAuth>", string, "Forged token is super user"); xdr_free((xdrproc_t)xdr_string, &string); /* Throw away this connection and security class */ rx_DestroyConnection(conn); rxs_Release(class); /* Now fake an rx ticket for a normal user. We have to do more work by hand * here, sadly */ startTime = time(NULL); class = afstest_FakeRxkadClass(dir, "rpctest", "", "", startTime, startTime + 60* 60); conn = rx_NewConnection(addr, htons(TEST_PORT), TEST_SERVICE_ID, class, RX_SECIDX_KAD); code = TEST_CanI(conn, &result); is_int(EPERM, code, "Running RPC as non-super user fails as expected"); code = TEST_NewCanI(conn, &result); is_int(EPERM, code, "Running new interface RPC as non-super user fails as expected"); code = TEST_WhoAmI(conn, &string); xdr_free((xdrproc_t)xdr_string, &string); is_int(EPERM, code, "Running RPC returning string fails as expected"); code = TEST_NewWhoAmI(conn, &string); xdr_free((xdrproc_t)xdr_string, &string); is_int(EPERM, code, "Running new interface RPC returning string fails as expected"); ok(afsconf_AddUser(dir, "rpctest") == 0, "Adding %s user works", "rpctest"); code = TEST_CanI(conn, &result); is_int(0, code, "Running RPC as rpctest works"); code = TEST_NewCanI(conn, &result); is_int(0, code, "Running new interface RPC as rpctest works"); code = TEST_WhoAmI(conn, &string); is_int(0, code, "Running RPC returning string as %s works", "rpctest"); is_string("rpctest", string, "Returned user string matches"); xdr_free((xdrproc_t)xdr_string, &string); code = TEST_NewWhoAmI(conn, &string); is_int(0, code, "Running new RPC returning string as %s works", "rpctest"); is_string("rpctest", string, "Returned user string for new interface matches"); xdr_free((xdrproc_t)xdr_string, &string); rx_DestroyConnection(conn); rxs_Release(class); /* Now try with an admin principal */ startTime = time(NULL); class = afstest_FakeRxkadClass(dir, "rpctest", "admin", "", startTime, startTime + 60* 60); conn = rx_NewConnection(addr, htons(TEST_PORT), TEST_SERVICE_ID, class, RX_SECIDX_KAD); code = TEST_CanI(conn, &result); is_int(EPERM, code, "Running RPC as non-super user fails as expected"); code = TEST_NewCanI(conn, &result); is_int(EPERM, code, "Running new interface RPC as non-super user fails as expected"); code = TEST_WhoAmI(conn, &string); xdr_free((xdrproc_t)xdr_string, &string); is_int(EPERM, code, "Running RPC returning string fails as expected"); code = TEST_NewWhoAmI(conn, &string); xdr_free((xdrproc_t)xdr_string, &string); is_int(EPERM, code, "Running new interface RPC returning string fails as expected"); ok(afsconf_AddUser(dir, "rpctest.admin") == 0, "Adding %s user works", "rpctest.admin"); code = TEST_CanI(conn, &result); is_int(0, code, "Running RPC as %s works", "rpctest/admin"); code = TEST_NewCanI(conn, &result); is_int(0, code, "Running new interface RPC as %s works", "rpctest/admin"); code = TEST_WhoAmI(conn, &string); is_int(0, code, "Running RPC returning string as %s works", "rpctest/admin"); is_string("rpctest.admin", string, "Returned user string matches"); xdr_free((xdrproc_t)xdr_string, &string); code = TEST_NewWhoAmI(conn, &string); is_int(0, code, "Running new interface RPC returning string as %s works", "rpctest/admin"); is_string("rpctest.admin", string, "Returned user string from new interface matches"); xdr_free((xdrproc_t)xdr_string, &string); rx_DestroyConnection(conn); rxs_Release(class); }
int xstat_fs_Init(int a_numServers, struct sockaddr_in *a_socketArray, int a_ProbeFreqInSecs, int (*a_ProbeHandler) (void), int a_flags, int a_numCollections, afs_int32 * a_collIDP) { static char rn[] = "xstat_fs_Init"; /*Routine name */ afs_int32 code; /*Return value */ static struct rx_securityClass *CBsecobj; /*Callback security object */ struct rx_securityClass *secobj; /*Client security object */ struct rx_service *rxsrv_afsserver; /*Server for AFS */ int arg_errfound; /*Argument error found? */ int curr_srv; /*Current server idx */ struct xstat_fs_ConnectionInfo *curr_conn; /*Ptr to current conn */ char *hostNameFound; /*Ptr to returned host name */ int conn_err; /*Connection error? */ int collIDBytes; /*Num bytes in coll ID array */ char hoststr[16]; /* * If we've already been called, snicker at the bozo, gently * remind him of his doubtful heritage, and return success. */ if (xstat_fs_initflag) { fprintf(stderr, "[%s] Called multiple times!\n", rn); return (0); } else xstat_fs_initflag = 1; /* * Check the parameters for bogosities. */ arg_errfound = 0; if (a_numServers <= 0) { fprintf(stderr, "[%s] Illegal number of servers: %d\n", rn, a_numServers); arg_errfound = 1; } if (a_socketArray == (struct sockaddr_in *)0) { fprintf(stderr, "[%s] Null server socket array argument\n", rn); arg_errfound = 1; } if (a_ProbeFreqInSecs <= 0) { fprintf(stderr, "[%s] Illegal probe frequency: %d\n", rn, a_ProbeFreqInSecs); arg_errfound = 1; } if (a_ProbeHandler == (int (*)())0) { fprintf(stderr, "[%s] Null probe handler function argument\n", rn); arg_errfound = 1; } if (a_numCollections <= 0) { fprintf(stderr, "[%s] Illegal collection count argument: %d\n", rn, a_numServers); arg_errfound = 1; } if (a_collIDP == NULL) { fprintf(stderr, "[%s] Null collection ID array argument\n", rn); arg_errfound = 1; } if (arg_errfound) return (-1); /* * Record our passed-in info. */ xstat_fs_debug = (a_flags & XSTAT_FS_INITFLAG_DEBUGGING); xstat_fs_oneShot = (a_flags & XSTAT_FS_INITFLAG_ONE_SHOT); xstat_fs_numServers = a_numServers; xstat_fs_Handler = a_ProbeHandler; xstat_fs_ProbeFreqInSecs = a_ProbeFreqInSecs; xstat_fs_numCollections = a_numCollections; collIDBytes = xstat_fs_numCollections * sizeof(afs_int32); xstat_fs_collIDP = malloc(collIDBytes); memcpy(xstat_fs_collIDP, a_collIDP, collIDBytes); if (xstat_fs_debug) { printf("[%s] Asking for %d collection(s): ", rn, xstat_fs_numCollections); for (curr_srv = 0; curr_srv < xstat_fs_numCollections; curr_srv++) printf("%d ", *(xstat_fs_collIDP + curr_srv)); printf("\n"); } /* * Get ready in case we have to do a cleanup - basically, zero * everything out. */ code = xstat_fs_CleanupInit(); if (code) return (code); /* * Allocate the necessary data structures and initialize everything * else. */ xstat_fs_ConnInfo = malloc(a_numServers * sizeof(struct xstat_fs_ConnectionInfo)); if (xstat_fs_ConnInfo == (struct xstat_fs_ConnectionInfo *)0) { fprintf(stderr, "[%s] Can't allocate %d connection info structs (%" AFS_SIZET_FMT " bytes)\n", rn, a_numServers, (a_numServers * sizeof(struct xstat_fs_ConnectionInfo))); return (-1); /*No cleanup needs to be done yet */ } /* * Initialize the Rx subsystem, just in case nobody's done it. */ if (xstat_fs_debug) printf("[%s] Initializing Rx\n", rn); code = rx_Init(0); if (code) { fprintf(stderr, "[%s] Fatal error in rx_Init()\n", rn); return (-1); } if (xstat_fs_debug) printf("[%s] Rx initialized\n", rn); /* * Create a null Rx server security object, to be used by the * Callback listener. */ CBsecobj = (struct rx_securityClass *) rxnull_NewServerSecurityObject(); if (CBsecobj == (struct rx_securityClass *)0) { fprintf(stderr, "[%s] Can't create callback listener's security object.\n", rn); xstat_fs_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } if (xstat_fs_debug) printf("[%s] Callback server security object created\n", rn); /* * Create a null Rx client security object, to be used by the * probe LWP. */ secobj = rxnull_NewClientSecurityObject(); if (secobj == (struct rx_securityClass *)0) { fprintf(stderr, "[%s] Can't create probe LWP client security object.\n", rn); xstat_fs_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } if (xstat_fs_debug) printf("[%s] Probe LWP client security object created\n", rn); curr_conn = xstat_fs_ConnInfo; conn_err = 0; for (curr_srv = 0; curr_srv < a_numServers; curr_srv++) { /* * Copy in the socket info for the current server, resolve its * printable name if possible. */ if (xstat_fs_debug) { char hoststr[16]; printf("[%s] Copying in the following socket info:\n", rn); printf("[%s] IP addr %s, port %d\n", rn, afs_inet_ntoa_r((a_socketArray + curr_srv)->sin_addr.s_addr,hoststr), ntohs((a_socketArray + curr_srv)->sin_port)); } memcpy(&(curr_conn->skt), a_socketArray + curr_srv, sizeof(struct sockaddr_in)); hostNameFound = hostutil_GetNameByINet(curr_conn->skt.sin_addr.s_addr); if (hostNameFound == NULL) { fprintf(stderr, "[%s] Can't map Internet address %s to a string name\n", rn, afs_inet_ntoa_r(curr_conn->skt.sin_addr.s_addr,hoststr)); curr_conn->hostName[0] = '\0'; } else { strcpy(curr_conn->hostName, hostNameFound); if (xstat_fs_debug) printf("[%s] Host name for server index %d is %s\n", rn, curr_srv, curr_conn->hostName); } /* * Make an Rx connection to the current server. */ if (xstat_fs_debug) printf ("[%s] Connecting to srv idx %d, IP addr %s, port %d, service 1\n", rn, curr_srv, afs_inet_ntoa_r(curr_conn->skt.sin_addr.s_addr,hoststr), ntohs(curr_conn->skt.sin_port)); curr_conn->rxconn = rx_NewConnection(curr_conn->skt.sin_addr.s_addr, /*Server addr */ curr_conn->skt.sin_port, /*Server port */ 1, /*AFS service # */ secobj, /*Security obj */ 0); /*# of above */ if (curr_conn->rxconn == (struct rx_connection *)0) { fprintf(stderr, "[%s] Can't create Rx connection to server '%s' (%s)\n", rn, curr_conn->hostName, afs_inet_ntoa_r(curr_conn->skt.sin_addr.s_addr,hoststr)); conn_err = 1; } if (xstat_fs_debug) printf("[%s] New connection at %" AFS_PTR_FMT "\n", rn, curr_conn->rxconn); /* * Bump the current xstat_fs connection to set up. */ curr_conn++; } /*for curr_srv */ /* * Create the AFS callback service (listener). */ if (xstat_fs_debug) printf("[%s] Creating AFS callback listener\n", rn); rxsrv_afsserver = rx_NewService(0, /*Use default port */ 1, /*Service ID */ "afs", /*Service name */ &CBsecobj, /*Ptr to security object(s) */ 1, /*# of security objects */ RXAFSCB_ExecuteRequest); /*Dispatcher */ if (rxsrv_afsserver == (struct rx_service *)0) { fprintf(stderr, "[%s] Can't create callback Rx service/listener\n", rn); xstat_fs_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } if (xstat_fs_debug) printf("[%s] Callback listener created\n", rn); /* * Start up the AFS callback service. */ if (xstat_fs_debug) printf("[%s] Starting up callback listener.\n", rn); rx_StartServer(0); /*Don't donate yourself to LWP pool */ /* * Start up the probe LWP. */ if (xstat_fs_debug) printf("[%s] Creating the probe LWP\n", rn); code = LWP_CreateProcess(xstat_fs_LWP, /*Function to start up */ LWP_STACK_SIZE, /*Stack size in bytes */ 1, /*Priority */ (void *)0, /*Parameters */ "xstat_fs Worker", /*Name to use */ &probeLWP_ID); /*Returned LWP process ID */ if (code) { fprintf(stderr, "[%s] Can't create xstat_fs LWP! Error is %d\n", rn, code); xstat_fs_Cleanup(1); /*Delete already-malloc'ed areas */ return (code); } if (xstat_fs_debug) printf("[%s] Probe LWP process structure located at %" AFS_PTR_FMT "\n", rn, probeLWP_ID); /* * Return the final results. */ if (conn_err) return (-2); else return (0); }
afs_uint32 xfon_voldump(XFILE * X, int flag, char *name) { struct hostent *he; struct rx_securityClass *class; struct rx_connection *conn; struct ktc_principal sname; struct ktc_token token; struct afsconf_dir *confdir; afs_uint32 code, server_addr; afs_int32 volid, partid, date; int isnum, index; char *x, *y; /* Parse out the optional date and server location */ if (code = rx_Init(0)) return code; if (!(name = strdup(name))) return ENOMEM; if (x = strrchr(name, ',')) { *x++ = 0; date = atoi(x); } else { date = 0; } if (x = strrchr(name, '@')) { int a, b, c, d; *x++ = 0; if (!(y = strchr(x, '/'))) { free(name); return VL_BADPARTITION; } *y++ = 0; if (sscanf(x, "%d.%d.%d.%d", &a, &b, &c, &d) == 4 && a >= 0 && a <= 255 && b >= 0 && b <= 255 && c >= 0 && c <= 255 && d >= 0 && d <= 255) { server_addr = (a << 24) | (b << 16) | (c << 8) | d; server_addr = htonl(server_addr); } else { he = gethostbyname(x); if (!he) { free(name); return VL_BADSERVER; } memcpy(&server_addr, he->h_addr, sizeof(server_addr)); } partid = volutil_GetPartitionID(y); if (partid < 0) { free(name); return VL_BADPARTITION; } } /* Get tokens and set up a security object */ confdir = afsconf_Open(AFSCONF_CLIENTNAME); if (!confdir) { free(name); return AFSCONF_NODB; } if (code = afsconf_GetLocalCell(confdir, sname.cell, MAXKTCNAMELEN)) { free(name); return code; } afsconf_Close(confdir); strcpy(sname.name, "afs"); sname.instance[0] = 0; code = ktc_GetToken(&sname, &token, sizeof(token), 0); if (code) { class = rxnull_NewClientSecurityObject(); index = 0; } else {
afs_int32 pr_Initialize(IN afs_int32 secLevel, IN const char *confDir, IN char *cell) { afs_int32 code; struct rx_connection *serverconns[MAXSERVERS]; struct rx_securityClass *sc = NULL; static struct afsconf_dir *tdir = NULL; /* only do this once */ static char tconfDir[100] = ""; static char tcell[64] = ""; afs_int32 scIndex; afs_int32 secFlags; static struct afsconf_cell info; afs_int32 i; char cellstr[64]; afs_int32 gottdir = 0; afs_int32 refresh = 0; initialize_PT_error_table(); initialize_RXK_error_table(); initialize_ACFG_error_table(); initialize_KTC_error_table(); if (!cell) { if (!tdir) tdir = afsconf_Open(confDir); if (!tdir) { if (confDir && strcmp(confDir, "")) fprintf(stderr, "%s: Could not open configuration directory: %s.\n", whoami, confDir); else fprintf(stderr, "%s: No configuration directory specified.\n", whoami); return -1; } gottdir = 1; code = afsconf_GetLocalCell(tdir, cellstr, sizeof(cellstr)); if (code) { fprintf(stderr, "libprot: Could not get local cell. [%d]\n", code); return code; } cell = cellstr; } if (tdir == NULL || strcmp(confDir, tconfDir) || strcmp(cell, tcell)) { /* * force re-evaluation. we either don't have an afsconf_dir, * the directory has changed or the cell has changed. */ if (tdir && !gottdir) { afsconf_Close(tdir); tdir = NULL; } pruclient = NULL; refresh = 1; } if (refresh) { strncpy(tconfDir, confDir, sizeof(tconfDir)); strncpy(tcell, cell, sizeof(tcell)); if (!gottdir) tdir = afsconf_Open(confDir); if (!tdir) { if (confDir && strcmp(confDir, "")) fprintf(stderr, "libprot: Could not open configuration directory: %s.\n", confDir); else fprintf(stderr, "libprot: No configuration directory specified.\n"); return -1; } code = afsconf_GetCellInfo(tdir, cell, "afsprot", &info); if (code) { fprintf(stderr, "libprot: Could not locate cell %s in %s/%s\n", cell, confDir, AFSDIR_CELLSERVDB_FILE); return code; } } /* If we already have a client and it is at the security level we * want, don't get a new one. Unless the security level is 2 in * which case we will get one (and re-read the key file). */ if (pruclient && (lastLevel == secLevel) && (secLevel != 2)) { return 0; } code = rx_Init(0); if (code) { fprintf(stderr, "libprot: Could not initialize rx.\n"); return code; } /* Most callers use secLevel==1, however, the fileserver uses secLevel==2 * to force use of the KeyFile. secLevel == 0 implies -noauth was * specified. */ if (secLevel == 2) { /* If secLevel is two assume we're on a file server and use * ClientAuthSecure if possible. */ code = afsconf_ClientAuthSecure(tdir, &sc, &scIndex); if (code) afs_com_err(whoami, code, "(calling client secure)\n"); } else if (secLevel > 0) { secFlags = 0; if (secLevel > 1) secFlags |= AFSCONF_SECOPTS_ALWAYSENCRYPT; code = afsconf_ClientAuthToken(&info, secFlags, &sc, &scIndex, NULL); if (code) { afs_com_err(whoami, code, "(getting token)"); if (secLevel > 1) return code; } } if (sc == NULL) { sc = rxnull_NewClientSecurityObject(); scIndex = RX_SECIDX_NULL; } if ((scIndex == RX_SECIDX_NULL) && (secLevel != 0)) fprintf(stderr, "%s: Could not get afs tokens, running unauthenticated\n", whoami); memset(serverconns, 0, sizeof(serverconns)); /* terminate list!!! */ for (i = 0; i < info.numServers; i++) serverconns[i] = rx_NewConnection(info.hostAddr[i].sin_addr.s_addr, info.hostAddr[i].sin_port, PRSRV, sc, scIndex); code = ubik_ClientInit(serverconns, &pruclient); if (code) { afs_com_err(whoami, code, "ubik client init failed."); return code; } lastLevel = scIndex; code = rxs_Release(sc); return code; }
static int backupInit(void) { afs_int32 code; static int initd = 0; /* ever called? */ PROCESS watcherPid; PROCESS pid; /* LWP process ID */ /* Initialization */ initialize_CMD_error_table(); /* don't run more than once */ if (initd) { afs_com_err(whoami, 0, "Backup already initialized."); return 0; } initd = 1; code = bc_InitConfig((char *)DefaultConfDir); if (code) { afs_com_err(whoami, code, "Can't initialize from config files in directory '%s'", DefaultConfDir); return (code); } /* * Set up Rx. */ code = LWP_InitializeProcessSupport(LWP_NORMAL_PRIORITY, &pid); if (code) { afs_com_err(whoami, code, "; Can't initialize LWP"); return (code); } code = rx_Init(htons(0)); if (code) { afs_com_err(whoami, code, "; Can't initialize Rx"); return (code); } rx_SetRxDeadTime(60); /* VLDB initialization */ code = vldbClientInit(0, localauth, tcell, &cstruct, &tokenExpires); if (code) return (code); /* Backup database initialization */ code = udbClientInit(0, localauth, tcell); if (code) return (code); /* setup status monitoring thread */ initStatus(); code = LWP_CreateProcess(statusWatcher, 20480, LWP_NORMAL_PRIORITY, (void *)2, "statusWatcher", &watcherPid); if (code) { afs_com_err(whoami, code, "; Can't create status monitor task"); return (code); } return (0); }
void afspag_Init(afs_int32 nfs_server_addr) { struct clientcred ccred; struct rmtbulk idata, odata; afs_int32 code, err, addr, obuf; int i; afs_uuid_create(&afs_cb_interface.uuid); AFS_GLOCK(); afs_InitStats(); rx_Init(htons(7001)); AFS_STATCNT(afs_ResourceInit); AFS_RWLOCK_INIT(&afs_xuser, "afs_xuser"); AFS_RWLOCK_INIT(&afs_xpagcell, "afs_xpagcell"); AFS_RWLOCK_INIT(&afs_xpagsys, "afs_xpagsys"); AFS_RWLOCK_INIT(&afs_icl_lock, "afs_icl_lock"); afs_resourceinit_flag = 1; afs_nfs_server_addr = nfs_server_addr; for (i = 0; i < MAXNUMSYSNAMES; i++) { afs_sysnamelist[i] = afs_osi_Alloc(MAXSYSNAME); osi_Assert(afs_sysnamelist[i] != NULL); } afs_sysname = afs_sysnamelist[0]; strcpy(afs_sysname, SYS_NAME); afs_sysnamecount = 1; afs_sysnamegen++; srv_secobj = rxnull_NewServerSecurityObject(); stats_svc = rx_NewService(0, RX_STATS_SERVICE_ID, "rpcstats", &srv_secobj, 1, RXSTATS_ExecuteRequest); pagcb_svc = rx_NewService(0, PAGCB_SERVICEID, "pagcb", &srv_secobj, 1, PAGCB_ExecuteRequest); rx_StartServer(0); clt_secobj = rxnull_NewClientSecurityObject(); rmtsys_conn = rx_NewConnection(nfs_server_addr, htons(7009), RMTSYS_SERVICEID, clt_secobj, 0); #ifdef RXK_LISTENER_ENV afs_start_thread(rxk_Listener, "Rx Listener"); #endif afs_start_thread((void *)(void *)rx_ServerProc, "Rx Server Thread"); afs_start_thread(afs_rxevent_daemon, "Rx Event Daemon"); afs_start_thread(afs_Daemon, "AFS PAG Daemon"); afs_icl_InitLogs(); AFS_GUNLOCK(); /* If it's reachable, tell the translator to nuke our creds. * We should be more agressive about making sure this gets done, * even if the translator is unreachable when we boot. */ addr = obuf = err = 0; idata.rmtbulk_len = sizeof(addr); idata.rmtbulk_val = (char *)&addr; odata.rmtbulk_len = sizeof(obuf); odata.rmtbulk_val = (char *)&obuf; memset(&ccred, 0, sizeof(ccred)); code = RMTSYS_Pioctl(rmtsys_conn, &ccred, NIL_PATHP, 0x4F01, 0, &idata, &odata, &err); } /*afs_ResourceInit */
static int internal_client_init(struct afsconf_dir *dir, struct afsconf_cell *info, int secFlags, struct ubik_client **uclientp, int (*secproc) (struct rx_securityClass *, afs_int32), int maxservers, const char *serviceid, int deadtime, afs_uint32 server, afs_uint32 port, afs_int32 usrvid) { int code, i; afs_int32 scIndex; struct rx_securityClass *sc; /* This must change if VLDB_MAXSERVERS becomes larger than MAXSERVERS */ static struct rx_connection *serverconns[MAXSERVERS]; const char *progname; progname = getprogname(); if (progname == NULL) progname = "<unknown>"; code = rx_Init(0); if (code) { fprintf(stderr, "%s: could not initialize rx.\n", progname); return code; } rx_SetRxDeadTime(deadtime); code = afsconf_PickClientSecObj(dir, secFlags, info, NULL, &sc, &scIndex, NULL); if (code) { fprintf(stderr, "%s: can't create client security object", progname); return code; } if (scIndex == RX_SECIDX_NULL && !(secFlags & AFSCONF_SECOPTS_NOAUTH)) { fprintf(stderr, "%s: Could not get afs tokens, running unauthenticated.\n", progname); } if (secproc) /* tell UV module about default authentication */ (*secproc) (sc, scIndex); if (server) { serverconns[0] = rx_NewConnection(server, port, usrvid, sc, scIndex); } else { if (info->numServers > maxservers) { fprintf(stderr, "%s: info.numServers=%d (> maxservers=%d)\n", progname, info->numServers, maxservers); return -1; } for (i = 0; i < info->numServers; i++) { if (!info->hostAddr[i].sin_port && port) info->hostAddr[i].sin_port = port; serverconns[i] = rx_NewConnection(info->hostAddr[i].sin_addr.s_addr, info->hostAddr[i].sin_port, usrvid, sc, scIndex); } } /* Are we just setting up connections, or is this really ubik stuff? */ if (uclientp) { *uclientp = 0; code = ubik_ClientInit(serverconns, uclientp); if (code) fprintf(stderr, "%s: ubik client init failed.\n", progname); return code; } return 0; }
int CommandProc(struct cmd_syndesc *as, void *arock) { char name[MAXKTCNAMELEN] = ""; char instance[MAXKTCNAMELEN] = ""; char cell[MAXKTCREALMLEN] = ""; char realm[MAXKTCREALMLEN] = ""; afs_int32 serverList[MAXSERVERS]; char *lcell; /* local cellname */ int code; int i; struct ubik_client *conn = 0; struct ktc_encryptionKey key; struct ktc_encryptionKey mitkey; struct ktc_encryptionKey newkey; struct ktc_encryptionKey newmitkey; struct ktc_token token; struct passwd pwent; struct passwd *pw = &pwent; int insist; /* insist on good password quality */ int lexplicit = 0; /* servers specified explicitly */ int local; /* explicit cell is same a local cell */ int foundPassword = 0; /*Not yet, anyway */ int foundNewPassword = 0; /*Not yet, anyway */ int foundExplicitCell = 0; /*Not yet, anyway */ #ifdef DEFAULT_MITV4_STRINGTOKEY int dess2k = 1; #elif DEFAULT_AFS_STRINGTOKEY int dess2k = 0; #else int dess2k = -1; #endif /* blow away command line arguments */ for (i = 1; i < zero_argc; i++) memset(zero_argv[i], 0, strlen(zero_argv[i])); zero_argc = 0; /* first determine quiet flag based on -pipe switch */ Pipe = (as->parms[aPIPE].items ? 1 : 0); #if TIMEOUT signal(SIGALRM, timedout); alarm(30); #endif code = ka_Init(0); if (code || !(lcell = ka_LocalCell())) { #ifndef AFS_FREELANCE_CLIENT if (!Pipe) afs_com_err(rn, code, "Can't get local cell name!"); exit(1); #endif } code = rx_Init(0); if (code) { if (!Pipe) afs_com_err(rn, code, "Failed to initialize Rx"); exit(1); } strcpy(instance, ""); /* Parse our arguments. */ if (as->parms[aCELL].items) { /* * cell name explicitly mentioned; take it in if no other cell name * has already been specified and if the name actually appears. If * the given cell name differs from our own, we don't do a lookup. */ foundExplicitCell = 1; strncpy(realm, as->parms[aCELL].items->data, sizeof(realm)); } if (as->parms[aSERVERS].items) { /* explicit server list */ int i; struct cmd_item *ip; char *ap[MAXSERVERS + 2]; for (ip = as->parms[aSERVERS].items, i = 2; ip; ip = ip->next, i++) ap[i] = ip->data; ap[0] = ""; ap[1] = "-servers"; code = ubik_ParseClientList(i, ap, serverList); if (code) { if (!Pipe) afs_com_err(rn, code, "could not parse server list"); return code; } lexplicit = 1; } if (as->parms[aPRINCIPAL].items) { ka_ParseLoginName(as->parms[aPRINCIPAL].items->data, name, instance, cell); if (strlen(instance) > 0) if (!Pipe) fprintf(stderr, "Non-null instance (%s) may cause strange behavior.\n", instance); if (strlen(cell) > 0) { if (foundExplicitCell) { if (!Pipe) fprintf(stderr, "%s: May not specify an explicit cell twice.\n", rn); return -1; } foundExplicitCell = 1; strncpy(realm, cell, sizeof(realm)); } pw->pw_name = name; } else { /* No explicit name provided: use Unix uid. */ #ifdef AFS_NT40_ENV userNameLen = 128; if (GetUserName(userName, &userNameLen) == 0) { if (!Pipe) { fprintf(stderr, "Can't figure out your name in local cell %s from your user id.\n", lcell); fprintf(stderr, "Try providing the user name.\n"); } exit(1); } pw->pw_name = userName; #else pw = getpwuid(getuid()); if (pw == 0) { if (!Pipe) { fprintf(stderr, "Can't figure out your name in local cell %s from your user id.\n", lcell); fprintf(stderr, "Try providing the user name.\n"); } exit(1); } #endif } if (as->parms[aPASSWORD].items) { /* * Current argument is the desired password string. Remember it in * our local buffer, and zero out the argument string - anyone can * see it there with ps! */ foundPassword = 1; strncpy(passwd, as->parms[aPASSWORD].items->data, sizeof(passwd)); memset(as->parms[aPASSWORD].items->data, 0, strlen(as->parms[aPASSWORD].items->data)); } if (as->parms[aNEWPASSWORD].items) { /* * Current argument is the new password string. Remember it in * our local buffer, and zero out the argument string - anyone can * see it there with ps! */ foundNewPassword = 1; strncpy(npasswd, as->parms[aNEWPASSWORD].items->data, sizeof(npasswd)); memset(as->parms[aNEWPASSWORD].items->data, 0, strlen(as->parms[aNEWPASSWORD].items->data)); } #ifdef AFS_FREELANCE_CLIENT if (!foundExplicitCell && !lcell) { if (!Pipe) afs_com_err(rn, code, "no cell name provided"); exit(1); } #else if (!foundExplicitCell) strcpy(realm, lcell); #endif /* freelance */ if ((code = ka_CellToRealm(realm, realm, &local))) { if (!Pipe) afs_com_err(rn, code, "Can't convert cell to realm"); exit(1); } lcstring(cell, realm, sizeof(cell)); ka_PrintUserID("Changing password for '", pw->pw_name, instance, "'"); printf(" in cell '%s'.\n", cell); /* Get the password if it wasn't provided. */ if (!foundPassword) { if (Pipe) getpipepass(passwd, sizeof(passwd)); else { code = read_pass(passwd, sizeof(passwd), "Old password: "******"reading password"); exit(1); } } } ka_StringToKey(passwd, realm, &key); des_string_to_key(passwd, ktc_to_cblockptr(&mitkey)); give_to_child(passwd); /* Get new password if it wasn't provided. */ insist = 0; if (!foundNewPassword) { if (Pipe) getpipepass(npasswd, sizeof(npasswd)); else { do { code = read_pass(npasswd, sizeof(npasswd), "New password (RETURN to abort): ", 0); if (code || (strlen(npasswd) == 0)) { if (code) code = KAREADPW; goto no_change; } } while (password_bad(npasswd)); code = read_pass(verify, sizeof(verify), "Retype new password: "******"Mismatch - "); goto no_change; } memset(verify, 0, sizeof(verify)); } } if ((code = password_bad(npasswd))) { /* assmt here! */ goto no_change_no_msg; } #if TRUNCATEPASSWORD if (strlen(npasswd) > 8) { npasswd[8] = 0; fprintf(stderr, "%s: password too long, only the first 8 chars will be used.\n", rn); } else npasswd[8] = 0; /* in case the password was exactly 8 chars long */ #endif ka_StringToKey(npasswd, realm, &newkey); des_string_to_key(npasswd, ktc_to_cblockptr(&newmitkey)); memset(npasswd, 0, sizeof(npasswd)); if (lexplicit) ka_ExplicitCell(realm, serverList); /* Get an connection to kaserver's admin service in desired cell. Set the * lifetime above the time uncertainty so that badly skewed clocks are * reported when the ticket is decrypted. Then give us 10 seconds to * actually get our work done if the clocks are skewed by only 14:59. * NOTE: Kerberos lifetime encoding will round this up to next 5 minute * interval, namely 20 minutes. */ #define ADMIN_LIFETIME (KTC_TIME_UNCERTAINTY+1) code = ka_GetAdminToken(pw->pw_name, instance, realm, &key, ADMIN_LIFETIME, &token, /*!new */ 0); if (code == KABADREQUEST) { code = ka_GetAdminToken(pw->pw_name, instance, realm, &mitkey, ADMIN_LIFETIME, &token, /*!new */ 0); if ((code == KABADREQUEST) && (strlen(passwd) > 8)) { /* try with only the first 8 characters incase they set their password * with an old style passwd program. */ char pass8[9]; strncpy(pass8, passwd, 8); pass8[8] = 0; ka_StringToKey(pass8, realm, &key); memset(pass8, 0, sizeof(pass8)); memset(passwd, 0, sizeof(passwd)); code = ka_GetAdminToken(pw->pw_name, instance, realm, &key, ADMIN_LIFETIME, &token, /*!new */ 0); #ifdef notdef /* the folks in testing really *hate* this message */ if (code == 0) { fprintf(stderr, "Warning: only the first 8 characters of your old password were significant.\n"); } #endif if (code == 0) { if (dess2k == -1) dess2k = 0; } } else { if (dess2k == -1) dess2k = 1; } } else { if (dess2k == -1) dess2k = 0; } memset(&mitkey, 0, sizeof(mitkey)); memset(&key, 0, sizeof(key)); if (code == KAUBIKCALL) afs_com_err(rn, code, "(Authentication Server unavailable, try later)"); else if (code) { if (code == KABADREQUEST) fprintf(stderr, "%s: Incorrect old password.\n", rn); else afs_com_err(rn, code, "so couldn't change password"); } else { code = ka_AuthServerConn(realm, KA_MAINTENANCE_SERVICE, &token, &conn); if (code) afs_com_err(rn, code, "contacting Admin Server"); else { if (dess2k == 1) code = ka_ChangePassword(pw->pw_name, instance, conn, 0, &newmitkey); else code = ka_ChangePassword(pw->pw_name, instance, conn, 0, &newkey); memset(&newkey, 0, sizeof(newkey)); memset(&newmitkey, 0, sizeof(newmitkey)); if (code) { char *reason; reason = (char *)afs_error_message(code); fprintf(stderr, "%s: Password was not changed because %s\n", rn, reason); } else printf("Password changed.\n\n"); } } memset(&newkey, 0, sizeof(newkey)); memset(&newmitkey, 0, sizeof(newmitkey)); /* Might need to close down the ubik_Client connection */ if (conn) { ubik_ClientDestroy(conn); conn = 0; } rx_Finalize(); terminate_child(); exit(code); no_change: /* yuck, yuck, yuck */ if (code) afs_com_err(rn, code, "getting new password"); no_change_no_msg: memset(&key, 0, sizeof(key)); memset(npasswd, 0, sizeof(npasswd)); printf("Password for '%s' in cell '%s' unchanged.\n\n", pw->pw_name, cell); terminate_child(); exit(code ? code : 1); }