/* Main routine of the remote AFS system call server. The calling process will * never return; this is currently called from afsd (when "-rmtsys" is passed * as a parameter) */ void rmtsysd(void) { /* void catchsig(int); */ struct rx_securityClass *(securityObjects[N_SECURITY_OBJECTS]); struct rx_service *service; /* * Ignore SIGHUP signal since apparently is sent to the processes that * start up from /etc/rc for some systems like hpux and aix3.1... */ signal(SIGHUP, SIG_IGN); /* Initialize the rx-based RMTSYS server */ if (rx_Init(htons(AFSCONF_RMTSYSPORT)) < 0) rmt_Quit("rx_init"); securityObjects[RX_SECIDX_NULL] = rxnull_NewServerSecurityObject(); if (securityObjects[RX_SECIDX_NULL] == (struct rx_securityClass *)0) rmt_Quit("rxnull_NewServerSecurityObject"); service = rx_NewService(0, RMTSYS_SERVICEID, AFSCONF_RMTSYSSERVICE, securityObjects, N_SECURITY_OBJECTS, RMTSYS_ExecuteRequest); if (service == NULL) rmt_Quit("rx_NewService"); /* One may wish to tune some default RX params for better performance * at some point... */ rx_SetMaxProcs(service, 2); rx_StartServer(1); /* Donate this process to the server process pool */ }
static int CommandProc(struct cmd_syndesc *as, void *arock) { struct rx_connection *conn; register char *hostName; register struct hostent *thp; afs_int32 port; struct rx_securityClass *secobj; int int32p; afs_int32 addr; hostName = as->parms[0].items->data; if (as->parms[1].items) port = atoi(as->parms[1].items->data); else port = 7001; thp = hostutil_GetHostByName(hostName); if (!thp) { printf("cmdebug: can't resolve address for host %s.\n", hostName); exit(1); } memcpy(&addr, thp->h_addr, sizeof(afs_int32)); secobj = rxnull_NewServerSecurityObject(); conn = rx_NewConnection(addr, htons(port), 1, secobj, 0); if (!conn) { printf("cmdebug: failed to create connection for host %s\n", hostName); exit(1); } if (as->parms[2].items) int32p = 1; else int32p = 0; PrintCacheEntries(conn, int32p); return 0; }
main() { struct rx_securityClass *(securityObjects[N_SECURITY_OBJECTS]); struct rx_service *service; signal(SIGINT, InterruptSignal); /* Initialize Rx, telling it port number this server will use for its single service */ if (rx_Init(BULK_SERVER_PORT) < 0) Quit("rx_init"); /* Create a single security object, in this case the null security object, for unauthenticated connections, which will be used to control security on connections made to this server */ securityObjects[RX_SECIDX_NULL] = rxnull_NewServerSecurityObject(); if (securityObjects[RX_SECIDX_NULL] == (struct rx_securityClass *)0) Quit("rxnull_NewServerSecurityObject"); /* Instantiate a single BULK service. The rxgen-generated procedure which is called to decode requests is passed in here (BULK_ExecuteRequest). */ service = rx_NewService(0, BULK_SERVICE_ID, "BULK", securityObjects, N_SECURITY_OBJECTS, BULK_ExecuteRequest); if (service == (struct rx_service *)0) Quit("rx_NewService"); rx_SetMaxProcs(service, 5); rx_StartServer(1); /* Donate this process to the server process pool */ Quit("StartServer returned?"); }
int main(int argc, char **argv) { struct rx_securityClass *(securityObjects[N_SECURITY_OBJECTS]); struct rx_service *service; /* Initialize Rx, telling it port number this server will use for its single service */ if (rx_Init(SAMPLE_SERVER_PORT) < 0) Quit("rx_init"); /* Create a single security object, in this case the null security object, for unauthenticated connections, which will be used to control security on connections made to this server */ securityObjects[SAMPLE_NULL] = rxnull_NewServerSecurityObject(); if (securityObjects[SAMPLE_NULL] == (struct rx_securityClass *)0) Quit("rxnull_NewServerSecurityObject"); /* Instantiate a single sample service. The rxgen-generated procedure which is called to decode requests is passed in here (TEST_ExecuteRequest). */ service = rx_NewService(0, SAMPLE_SERVICE_ID, "sample", securityObjects, N_SECURITY_OBJECTS, TEST_ExecuteRequest); if (service == (struct rx_service *)0) Quit("rx_NewService"); rx_StartServer(1); /* Donate this process to the server process pool */ Quit("StartServer returned?"); return 0; }
static void get_sec(int serverp, struct rx_securityClass **sec, int *secureindex) { if (serverp) { *sec = rxnull_NewServerSecurityObject(); *secureindex = 1; } else { *sec = rxnull_NewClientSecurityObject(); *secureindex = 0; } }
extern int start_cb_server(void) { struct rx_service *s; sc = rxnull_NewServerSecurityObject(); s = rx_NewService(0, 1, "afs", &sc, 1, RXAFSCB_ExecuteRequest); if (!s) return 1; rx_StartServer(0); return 0; }
static void * init_callback_service_lwp(void *arg) { struct rx_securityClass *sc; struct rx_service *svc; afs_int32 code = 0; rpc_test_request_ctx *ctx = (rpc_test_request_ctx *) arg; printf("%s: init_callback_service_lwp: listen_addr: %s " "(%d) cb_port: %d\n", prog, ctx->cb_listen_addr_s, ctx->cb_listen_addr.addr_in[0], ctx->cb_port); sc = (struct rx_securityClass *) rxnull_NewServerSecurityObject(); if (!sc) { fprintf(stderr,"rxnull_NewServerSecurityObject failed for callback " "service\n"); exit(1); } #if defined(RPC_TEST_GLOBAL_RX_INIT) svc = rx_NewServiceHost(htonl(INADDR_ANY), htons(ctx->cb_port), 1, ctx->cb_svc_name, &sc, 1, RXAFSCB_ExecuteRequest); #else svc = rx_NewService(0, 1, ctx->cb_svc_name, &sc, 1, RXAFSCB_ExecuteRequest); #endif /* stash context */ rx_SetServiceSpecific(svc, ctx_key, ctx); if (!svc) { fprintf(stderr,"rx_NewServiceHost failed for callback service\n"); exit(1); } /* XXX stash service so we can hijack its rx_socket when inititiating * RPC calls */ ctx->svc = svc; /* release pkg mutex before entering rx processing loop */ pthread_mutex_unlock(&rpc_test_params.mtx); rx_StartServer(1); printf("%s: init_callback_service_lwp: finished"); return (NULL); } /* callback_service_lwp */
void afsconf_BuildServerSecurityObjects(struct afsconf_dir *dir, afs_uint32 flags, struct rx_securityClass ***classes, afs_int32 *numClasses) { if (flags & AFSCONF_SEC_OBJS_RXKAD_CRYPT) *numClasses = 4; else *numClasses = 3; *classes = calloc(*numClasses, sizeof(**classes)); (*classes)[0] = rxnull_NewServerSecurityObject(); (*classes)[1] = NULL; (*classes)[2] = rxkad_NewServerSecurityObject(0, dir, afsconf_GetKey, NULL); if (flags & AFSCONF_SEC_OBJS_RXKAD_CRYPT) (*classes)[3] = rxkad_NewServerSecurityObject(rxkad_crypt, dir, afsconf_GetKey, NULL); }
static int WorkerBee(struct cmd_syndesc *as, void *arock) { afs_int32 code; struct rx_securityClass *(securityObjects[3]); struct rx_service *service; time_t tokenExpires; char cellName[64]; int localauth; /*process arguments */ afs_int32 portOffset = 0; #ifdef AFS_PTHREAD_ENV pthread_t dbWatcherPid; pthread_attr_t tattr; AFS_SIGSET_DECL; #else PROCESS dbWatcherPid; #endif afs_uint32 host = htonl(INADDR_ANY); debugLevel = 0; /*initialize the error tables */ initialize_KA_error_table(); initialize_RXK_error_table(); initialize_KTC_error_table(); initialize_ACFG_error_table(); initialize_CMD_error_table(); initialize_VL_error_table(); initialize_BUTM_error_table(); initialize_BUTC_error_table(); #ifdef xbsa initialize_BUTX_error_table(); #endif /*xbs */ initialize_VOLS_error_table(); initialize_BUDB_error_table(); initialize_BUCD_error_table(); if (as->parms[0].items) { portOffset = SafeATOL(as->parms[0].items->data); if (portOffset == -1) { fprintf(stderr, "Illegal port offset '%s'\n", as->parms[0].items->data); exit(1); } else if (portOffset > BC_MAXPORTOFFSET) { fprintf(stderr, "%u exceeds max port offset %u\n", portOffset, BC_MAXPORTOFFSET); exit(1); } } xbsaType = XBSA_SERVER_TYPE_NONE; /* default */ if (as->parms[3].items) { /* -device */ globalTapeConfig.capacity = 0x7fffffff; /* 2T for max tape capacity */ globalTapeConfig.fileMarkSize = 0; globalTapeConfig.portOffset = portOffset; strncpy(globalTapeConfig.device, as->parms[3].items->data, 100); xbsaType = XBSA_SERVER_TYPE_NONE; /* Not XBSA */ } else { /* Search for an entry in tapeconfig file */ code = GetDeviceConfig(tapeConfigFile, &globalTapeConfig, portOffset); if (code == -1) { fprintf(stderr, "Problem in reading config file %s\n", tapeConfigFile); exit(1); } /* Set xbsaType. If code == 1, no entry was found in the tapeconfig file so * it's an XBSA server. Don't know if its ADSM or not so its unknown. */ xbsaType = ((code == 1) ? XBSA_SERVER_TYPE_UNKNOWN : XBSA_SERVER_TYPE_NONE); } if (as->parms[6].items) { /* -restoretofile */ int s = strlen(as->parms[6].items->data); restoretofile = malloc(s + 1); strncpy(restoretofile, as->parms[6].items->data, s + 1); printf("Restore to file '%s'\n", restoretofile); } /* Go and read the config file: CFG_<device> or CFG_<port>. We will also set * the exact xbsaType within the call (won't be unknown) - double check. */ code = GetConfigParams(pFile, portOffset); if (code) exit(code); #ifdef xbsa if (xbsaType == XBSA_SERVER_TYPE_UNKNOWN) { printf ("\nConfiguration file error, the TYPE parameter must be specified, or\n"); printf("an entry must exist in %s for port %d\n", tapeConfigFile, portOffset); exit(1); } #else /* Not compiled for XBSA code so we can't support it */ if (CONF_XBSA) { printf("\nNo entry found in %s for port %d\n", tapeConfigFile, portOffset); printf("This binary does not have XBSA support\n"); exit(1); } #endif /* Open the log files. The pathnames were set in GetConfigParams() */ logIO = fopen(logFile, "a"); if (!logIO) { fprintf(stderr, "Failed to open %s\n", logFile); exit(1); } ErrorlogIO = fopen(ErrorlogFile, "a"); if (!ErrorlogIO) { fprintf(stderr, "Failed to open %s\n", ErrorlogFile); exit(1); } if (lastLog) { lastLogIO = fopen(lastLogFile, "a"); if (!lastLogIO) { fprintf(stderr, "Failed to open %s\n", lastLogFile); exit(1); } } if (centralLogFile) { struct stat sbuf; afs_int32 statcode; #ifndef AFS_NT40_ENV char path[AFSDIR_PATH_MAX]; #endif statcode = stat(centralLogFile, &sbuf); centralLogIO = fopen(centralLogFile, "a"); if (!centralLogIO) { fprintf(stderr, "Failed to open %s; error %d\n", centralLogFile, errno); exit(1); } #ifndef AFS_NT40_ENV /* Make sure it is not in AFS, has to have been created first */ if (!realpath(centralLogFile, path)) { fprintf(stderr, "Warning: can't determine real path of '%s' (%d)\n", centralLogFile, errno); } else { if (strncmp(path, "/afs/", 5) == 0) { fprintf(stderr, "The central log '%s' should not be in AFS\n", centralLogFile); exit(1); } } #endif /* Write header if created it */ if (statcode) { char *h1 = "TASK START DATE/TIME END DATE/TIME ELAPSED VOLUMESET\n"; char *h2 = "----- ------------------- ------------------- -------- ---------\n"; /* File didn't exist before so write the header lines */ fwrite(h1, strlen(h1), 1, centralLogIO); fwrite(h2, strlen(h2), 1, centralLogIO); fflush(centralLogIO); } } if (as->parms[1].items) { debugLevel = SafeATOL(as->parms[1].items->data); if (debugLevel == -1) { TLog(0, "Illegal debug level '%s'\n", as->parms[1].items->data); exit(1); } } #ifdef xbsa /* Setup XBSA library interface */ if (CONF_XBSA) { afs_int32 rc; rc = xbsa_MountLibrary(&butxInfo, xbsaType); if (rc != XBSA_SUCCESS) { TapeLog(0, 0, rc, 0, "Unable to mount the XBSA library\n"); return (1); } forcemultiple = (as->parms[7].items ? 1 : 0);/*-xbsaforcemultiple */ if (forcemultiple) printf("Force XBSA multiple server support\n"); rc = InitToServer(0 /*taskid */ , &butxInfo, adsmServerName); if (rc != XBSA_SUCCESS) return (1); } #endif /*xbsa */ /* cell switch */ if (as->parms[2].items) strncpy(cellName, as->parms[2].items->data, sizeof(cellName)); else cellName[0] = '\0'; if (as->parms[4].items) autoQuery = 0; localauth = (as->parms[5].items ? 1 : 0); rxBind = (as->parms[8].items ? 1 : 0); if (rxBind) { afs_int32 ccode; if (AFSDIR_SERVER_NETRESTRICT_FILEPATH || AFSDIR_SERVER_NETINFO_FILEPATH) { char reason[1024]; ccode = parseNetFiles(SHostAddrs, NULL, NULL, ADDRSPERSITE, reason, AFSDIR_SERVER_NETINFO_FILEPATH, AFSDIR_SERVER_NETRESTRICT_FILEPATH); } else { ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE); } if (ccode == 1) host = SHostAddrs[0]; } code = rx_InitHost(host, htons(BC_TAPEPORT + portOffset)); if (code) { TapeLog(0, 0, code, 0, "rx init failed on port %u\n", BC_TAPEPORT + portOffset); exit(1); } rx_SetRxDeadTime(150); /* Establish connection with the vldb server */ code = vldbClientInit(0, localauth, cellName, &cstruct, &tokenExpires); if (code) { TapeLog(0, 0, code, 0, "Can't access vldb\n"); return code; } strcpy(globalCellName, cellName); /*initialize the dumpNode list */ InitNodeList(portOffset); deviceLatch = (struct deviceSyncNode *)(malloc(sizeof(struct deviceSyncNode))); Lock_Init(&(deviceLatch->lock)); deviceLatch->flags = 0; /* initialize database support, volume support, and logs */ /* Create a single security object, in this case the null security * object, for unauthenticated connections, which will be used to control * security on connections made to this server */ securityObjects[0] = rxnull_NewServerSecurityObject(); securityObjects[1] = (struct rx_securityClass *)0; /* don't bother with rxvab */ if (!securityObjects[0]) { TLog(0, "rxnull_NewServerSecurityObject"); exit(1); } service = rx_NewServiceHost(host, 0, 1, "BUTC", securityObjects, 3, TC_ExecuteRequest); if (!service) { TLog(0, "rx_NewService"); exit(1); } rx_SetMaxProcs(service, 4); /* Establish connection to the backup database */ code = udbClientInit(0, localauth, cellName); if (code) { TapeLog(0, 0, code, 0, "Can't access backup database\n"); exit(1); } /* This call is here to verify that we are authentiated. * The call does nothing and will return BUDB_NOTPERMITTED * if we don't belong. */ code = bcdb_deleteDump(0, 0, 0, 0); if (code == BUDB_NOTPERMITTED) { TapeLog(0, 0, code, 0, "Can't access backup database\n"); exit(1); } initStatus(); #ifdef AFS_PTHREAD_ENV code = pthread_attr_init(&tattr); if (code) { TapeLog(0, 0, code, 0, "Can't pthread_attr_init database monitor task"); exit(1); } code = pthread_attr_setdetachstate(&tattr, PTHREAD_CREATE_DETACHED); if (code) { TapeLog(0, 0, code, 0, "Can't pthread_attr_setdetachstate database monitor task"); exit(1); } AFS_SIGSET_CLEAR(); code = pthread_create(&dbWatcherPid, &tattr, dbWatcher, (void *)2); AFS_SIGSET_RESTORE(); #else code = LWP_CreateProcess(dbWatcher, 20480, LWP_NORMAL_PRIORITY, (void *)2, "dbWatcher", &dbWatcherPid); #endif if (code) { TapeLog(0, 0, code, 0, "Can't create database monitor task"); exit(1); } TLog(0, "Starting Tape Coordinator: Port offset %u Debug level %u\n", portOffset, debugLevel); TLog(0, "Token expires: %s\n", cTIME(&tokenExpires)); rx_StartServer(1); /* Donate this process to the server process pool */ TLog(0, "Error: StartServer returned"); exit(1); }
int main(int argc, char *argv[]) { afs_int32 code; char *whoami = argv[0]; afs_uint32 serverList[MAXSERVERS]; struct afsconf_cell cellinfo; char *cell; const char *cellservdb, *dbpath, *lclpath; int a; char arg[32]; char default_lclpath[AFSDIR_PATH_MAX]; int servers; int initFlags; int level; /* security level for Ubik */ afs_int32 i; char clones[MAXHOSTSPERCELL]; afs_uint32 host = ntohl(INADDR_ANY); char *auditFileName = NULL; struct rx_service *tservice; struct rx_securityClass *sca[1]; struct rx_securityClass *scm[3]; extern int rx_stackSize; #ifdef AFS_AIX32_ENV /* * The following signal action for AIX is necessary so that in case of a * crash (i.e. core is generated) we can include the user's data section * in the core dump. Unfortunately, by default, only a partial core is * generated which, in many cases, isn't too useful. */ struct sigaction nsa; sigemptyset(&nsa.sa_mask); nsa.sa_handler = SIG_DFL; nsa.sa_flags = SA_FULLDUMP; sigaction(SIGABRT, &nsa, NULL); sigaction(SIGSEGV, &nsa, NULL); #endif osi_audit_init(); if (argc == 0) { usage: printf("Usage: kaserver [-noAuth] [-database <dbpath>] " "[-auditlog <log path>] [-audit-interface <file|sysvmq>] " "[-rxbind] [-localfiles <lclpath>] [-minhours <n>] " "[-servers <serverlist>] [-crossrealm] " /*" [-enable_peer_stats] [-enable_process_stats] " */ "[-help]\n"); exit(1); } #ifdef AFS_NT40_ENV /* initialize winsock */ if (afs_winsockInit() < 0) { ReportErrorEventAlt(AFSEVT_SVR_WINSOCK_INIT_FAILED, 0, argv[0], 0); fprintf(stderr, "%s: Couldn't initialize winsock.\n", whoami); exit(1); } #endif /* Initialize dirpaths */ if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) { #ifdef AFS_NT40_ENV ReportErrorEventAlt(AFSEVT_SVR_NO_INSTALL_DIR, 0, argv[0], 0); #endif fprintf(stderr, "%s: Unable to obtain AFS server directory.\n", argv[0]); exit(2); } cellservdb = AFSDIR_SERVER_ETC_DIRPATH; dbpath = AFSDIR_SERVER_KADB_FILEPATH; strcompose(default_lclpath, AFSDIR_PATH_MAX, AFSDIR_SERVER_LOCAL_DIRPATH, "/", AFSDIR_KADB_FILE, NULL); lclpath = default_lclpath; debugOutput = 0; servers = 0; initFlags = 0; level = rxkad_crypt; for (a = 1; a < argc; a++) { int arglen = strlen(argv[a]); lcstring(arg, argv[a], sizeof(arg)); #define IsArg(a) (strncmp (arg,a, arglen) == 0) if (strcmp(arg, "-database") == 0) { dbpath = argv[++a]; if (strcmp(lclpath, default_lclpath) == 0) lclpath = dbpath; } else if (strncmp(arg, "-auditlog", arglen) == 0) { auditFileName = argv[++a]; } else if (strncmp(arg, "-audit-interface", arglen) == 0) { char *interface = argv[++a]; if (osi_audit_interface(interface)) { printf("Invalid audit interface '%s'\n", interface); exit(1); } } else if (strcmp(arg, "-localfiles") == 0) lclpath = argv[++a]; else if (strcmp(arg, "-servers") == 0) debugOutput++, servers = 1; else if (strcmp(arg, "-noauth") == 0) debugOutput++, initFlags |= 1; else if (strcmp(arg, "-fastkeys") == 0) debugOutput++, initFlags |= 4; else if (strcmp(arg, "-dbfixup") == 0) debugOutput++, initFlags |= 8; else if (strcmp(arg, "-cellservdb") == 0) { cellservdb = argv[++a]; initFlags |= 2; debugOutput++; } else if (IsArg("-crypt")) level = rxkad_crypt; else if (IsArg("-safe")) level = rxkad_crypt; else if (IsArg("-clear")) level = rxkad_clear; else if (IsArg("-sorry")) level = rxkad_clear; else if (IsArg("-debug")) verbose_track = 0; else if (IsArg("-crossrealm")) krb4_cross = 1; else if (IsArg("-rxbind")) rxBind = 1; else if (IsArg("-minhours")) { MinHours = atoi(argv[++a]); } else if (IsArg("-enable_peer_stats")) { rx_enablePeerRPCStats(); } else if (IsArg("-enable_process_stats")) { rx_enableProcessRPCStats(); } else if (*arg == '-') { /* hack to support help flag */ goto usage; } } if (auditFileName) { osi_audit_file(auditFileName); } if ((code = ka_CellConfig(cellservdb))) goto abort; cell = ka_LocalCell(); KA_conf = afsconf_Open(cellservdb); if (!KA_conf) { code = KANOCELLS; abort: afs_com_err(whoami, code, "Failed getting cell info"); exit(1); } #ifdef AUTH_DBM_LOG kalog_Init(); #else /* NT & HPUX do not have dbm package support. So we can only do some * text logging. So open the AuthLog file for logging and redirect * stdin and stdout to it */ OpenLog(AFSDIR_SERVER_KALOG_FILEPATH); SetupLogSignals(); #endif fprintf(stderr, "%s: WARNING: kaserver is deprecated due to its weak security " "properties. Migrating to a Kerberos 5 KDC is advised. " "http://www.openafs.org/no-more-des.html\n", whoami); ViceLog(0, ("WARNING: kaserver is deprecated due to its weak security properties. " "Migrating to a Kerberos 5 KDC is advised. " "http://www.openafs.org/no-more-des.html\n")); code = afsconf_GetExtendedCellInfo(KA_conf, cell, AFSCONF_KAUTHSERVICE, &cellinfo, clones); if (servers) { if ((code = ubik_ParseServerList(argc, argv, &myHost, serverList))) { afs_com_err(whoami, code, "Couldn't parse server list"); exit(1); } cellinfo.hostAddr[0].sin_addr.s_addr = myHost; for (i = 1; i < MAXSERVERS; i++) { if (!serverList[i]) break; cellinfo.hostAddr[i].sin_addr.s_addr = serverList[i]; } cellinfo.numServers = i; } else { code = convert_cell_to_ubik(&cellinfo, &myHost, serverList); if (code) goto abort; ViceLog(0, ("Using server list from %s cell database.\n", cell)); } /* initialize audit user check */ osi_audit_set_user_check(KA_conf, KA_IsLocalRealmMatch); /* initialize ubik */ if (level == rxkad_clear) ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, KA_conf); else if (level == rxkad_crypt) ubik_SetClientSecurityProcs(afsconf_ClientAuthSecure, afsconf_UpToDate, KA_conf); else { ViceLog(0, ("Unsupported security level %d\n", level)); exit(5); } ViceLog(0, ("Using level %s for Ubik connections.\n", (level == rxkad_crypt ? "crypt" : "clear"))); ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects, afsconf_CheckAuth, KA_conf); ubik_nBuffers = 80; if (rxBind) { afs_int32 ccode; if (AFSDIR_SERVER_NETRESTRICT_FILEPATH || AFSDIR_SERVER_NETINFO_FILEPATH) { char reason[1024]; ccode = parseNetFiles(SHostAddrs, NULL, NULL, ADDRSPERSITE, reason, AFSDIR_SERVER_NETINFO_FILEPATH, AFSDIR_SERVER_NETRESTRICT_FILEPATH); } else { ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE); } if (ccode == 1) { host = SHostAddrs[0]; rx_InitHost(host, htons(AFSCONF_KAUTHPORT)); } } /* Disable jumbograms */ rx_SetNoJumbo(); if (servers) code = ubik_ServerInit(myHost, htons(AFSCONF_KAUTHPORT), serverList, dbpath, &KA_dbase); else code = ubik_ServerInitByInfo(myHost, htons(AFSCONF_KAUTHPORT), &cellinfo, clones, dbpath, &KA_dbase); if (code) { afs_com_err(whoami, code, "Ubik init failed"); exit(2); } sca[RX_SCINDEX_NULL] = rxnull_NewServerSecurityObject(); tservice = rx_NewServiceHost(host, 0, KA_AUTHENTICATION_SERVICE, "AuthenticationService", sca, 1, KAA_ExecuteRequest); if (tservice == (struct rx_service *)0) { ViceLog(0, ("Could not create Authentication rx service\n")); exit(3); } rx_SetMinProcs(tservice, 1); rx_SetMaxProcs(tservice, 1); tservice = rx_NewServiceHost(host, 0, KA_TICKET_GRANTING_SERVICE, "TicketGrantingService", sca, 1, KAT_ExecuteRequest); if (tservice == (struct rx_service *)0) { ViceLog(0, ("Could not create Ticket Granting rx service\n")); exit(3); } rx_SetMinProcs(tservice, 1); rx_SetMaxProcs(tservice, 1); scm[RX_SCINDEX_NULL] = sca[RX_SCINDEX_NULL]; scm[RX_SCINDEX_VAB] = 0; scm[RX_SCINDEX_KAD] = rxkad_NewServerSecurityObject(rxkad_crypt, 0, kvno_admin_key, 0); tservice = rx_NewServiceHost(host, 0, KA_MAINTENANCE_SERVICE, "Maintenance", scm, 3, KAM_ExecuteRequest); if (tservice == (struct rx_service *)0) { ViceLog(0, ("Could not create Maintenance rx service\n")); exit(3); } rx_SetMinProcs(tservice, 1); rx_SetMaxProcs(tservice, 1); rx_SetStackSize(tservice, 10000); tservice = rx_NewServiceHost(host, 0, RX_STATS_SERVICE_ID, "rpcstats", scm, 3, RXSTATS_ExecuteRequest); if (tservice == (struct rx_service *)0) { ViceLog(0, ("Could not create rpc stats rx service\n")); exit(3); } rx_SetMinProcs(tservice, 2); rx_SetMaxProcs(tservice, 4); initialize_dstats(); /* allow super users to manage RX statistics */ rx_SetRxStatUserOk(KA_rxstat_userok); rx_StartServer(0); /* start handling req. of all types */ if (init_kaprocs(lclpath, initFlags)) return -1; if ((code = init_krb_udp())) { ViceLog(0, ("Failed to initialize UDP interface; code = %d.\n", code)); ViceLog(0, ("Running without UDP access.\n")); } ViceLog(0, ("Starting to process AuthServer requests\n")); rx_ServerProc(NULL); /* donate this LWP */ return 0; }
int main(int argc, char **argv) { afs_int32 code, i; afs_uint32 serverList[MAXSERVERS]; afs_uint32 myHost; struct rx_service *tservice; struct rx_securityClass *sc[2]; char dbfileName[128]; if (argc == 1) { printf("usage: userver -servers <serverlist> {-sleep <sleeptime>}\n"); exit(0); } #ifdef AFS_NT40_ENV /* initialize winsock */ if (afs_winsockInit() < 0) return -1; #endif /* parse our own local arguments */ sleepTime = 0; for (i = 1; i < argc; i++) { if (strcmp(argv[i], "-sleep") == 0) { if (i >= argc - 1) { printf("missing time in -sleep argument\n"); exit(1); } sleepTime = atoi(argv[i + 1]); i++; } } /* call routine to parse command line -servers switch, filling in * myHost and serverList arrays appropriately */ code = ubik_ParseServerList(argc, argv, &myHost, serverList); if (code) { printf("could not parse server list, code %d\n", code); exit(1); } /* call ServerInit with the values from ParseServerList. Also specify the * name to use for the database files (/tmp/testdb), and the port (3000) * for RPC requests. ServerInit returns a pointer to the database (in * dbase), which is required for creating new transactions */ sprintf(dbfileName, "%s/testdb", gettmpdir()); code = ubik_ServerInit(myHost, htons(3000), serverList, dbfileName, &dbase); if (code) { printf("ubik init failed with code %d\n", code); exit(1); } sc[0] = rxnull_NewServerSecurityObject(); #if 0 sc[1] = rxvab_NewServerSecurityObject("applexx", 0); #endif tservice = rx_NewService(0, USER_SERVICE_ID, "Sample", sc, 1 /*2 */ , SAMPLE_ExecuteRequest); if (tservice == (struct rx_service *)0) { printf("Could not create SAMPLE rx service\n"); exit(3); } rx_SetMinProcs(tservice, 2); rx_SetMaxProcs(tservice, 3); rx_StartServer(1); /* Why waste this idle process?? */ return 0; }
int CommandProc(struct cmd_syndesc *as, void *arock) { struct rx_connection *conn; char *hostName; struct hostent *thp; afs_int32 port; struct rx_securityClass *secobj; int int32p; afs_int32 addr; hostName = as->parms[0].items->data; if (as->parms[1].items) port = atoi(as->parms[1].items->data); else port = 7001; thp = hostutil_GetHostByName(hostName); if (!thp) { printf("cmdebug: can't resolve address for host %s.\n", hostName); exit(1); } memcpy(&addr, thp->h_addr, sizeof(afs_int32)); secobj = rxnull_NewServerSecurityObject(); conn = rx_NewConnection(addr, htons(port), 1, secobj, 0); if (!conn) { printf("cmdebug: failed to create connection for host %s\n", hostName); exit(1); } if (as->parms[6].items) { /* -addrs */ PrintInterfaces(conn); return 0; } if (as->parms[7].items) { /* -cache */ PrintCacheConfig(conn); return 0; } if (as->parms[8].items) { /* -cellservdb */ PrintCellServDB(conn); return 0; } if (as->parms[5].items) print_ctime = 1; if (as->parms[2].items) /* -long */ int32p = 1; else if (as->parms[3].items) /* -refcounts */ int32p = 2; else if (as->parms[4].items) /* -callbacks */ int32p = 4; else int32p = 0; if (int32p == 0 || int32p == 1) PrintLocks(conn, int32p); if (int32p >= 0 || int32p <= 4) PrintCacheEntries(conn, int32p); return 0; }
int fsprobe_Init(int a_numServers, struct sockaddr_in *a_socketArray, int a_ProbeFreqInSecs, int (*a_ProbeHandler)(void), int a_debug) { /*fsprobe_Init */ static char rn[] = "fsprobe_Init"; /*Routine name */ register afs_int32 code; /*Return value */ static struct rx_securityClass *CBsecobj; /*Callback security object */ struct rx_securityClass *secobj; /*Client security object */ struct rx_service *rxsrv_afsserver; /*Server for AFS */ int arg_errfound; /*Argument error found? */ int curr_srv; /*Current server idx */ struct fsprobe_ConnectionInfo *curr_conn; /*Ptr to current conn */ char *hostNameFound; /*Ptr to returned host name */ int conn_err; /*Connection error? */ int PortToUse; /*Callback port to use */ /* * If we've already been called, snicker at the bozo, gently * remind him of his doubtful heritage, and return success. */ if (fsprobe_initflag) { fprintf(stderr, "[%s] Called multiple times!\n", rn); return (0); } else fsprobe_initflag = 1; /* * Check the parameters for bogosities. */ arg_errfound = 0; if (a_numServers <= 0) { fprintf(stderr, "[%s] Illegal number of servers: %d\n", rn, a_numServers); arg_errfound = 1; } if (a_socketArray == (struct sockaddr_in *)0) { fprintf(stderr, "[%s] Null server socket array argument\n", rn); arg_errfound = 1; } if (a_ProbeFreqInSecs <= 0) { fprintf(stderr, "[%s] Illegal probe frequency: %d\n", rn, a_ProbeFreqInSecs); arg_errfound = 1; } if (a_ProbeHandler == (int (*)())0) { fprintf(stderr, "[%s] Null probe handler function argument\n", rn); arg_errfound = 1; } if (arg_errfound) return (-1); /* * Record our passed-in info. */ fsprobe_debug = a_debug; fsprobe_numServers = a_numServers; fsprobe_Handler = a_ProbeHandler; fsprobe_ProbeFreqInSecs = a_ProbeFreqInSecs; /* * Get ready in case we have to do a cleanup - basically, zero * everything out. */ fsprobe_CleanupInit(); /* * Allocate the necessary data structures and initialize everything * else. */ fsprobe_ConnInfo = (struct fsprobe_ConnectionInfo *) malloc(a_numServers * sizeof(struct fsprobe_ConnectionInfo)); if (fsprobe_ConnInfo == (struct fsprobe_ConnectionInfo *)0) { fprintf(stderr, "[%s] Can't allocate %d connection info structs (%"AFS_SIZET_FMT" bytes)\n", rn, a_numServers, (a_numServers * sizeof(struct fsprobe_ConnectionInfo))); return (-1); /*No cleanup needs to be done yet */ } #if 0 else fprintf(stderr, "[%s] fsprobe_ConnInfo allocated (%d bytes)\n", rn, a_numServers * sizeof(struct fsprobe_ConnectionInfo)); #endif /* 0 */ fsprobe_statsBytes = a_numServers * sizeof(struct ProbeViceStatistics); fsprobe_Results.stats = (struct ProbeViceStatistics *) malloc(fsprobe_statsBytes); if (fsprobe_Results.stats == NULL) { fprintf(stderr, "[%s] Can't allocate %d statistics structs (%d bytes)\n", rn, a_numServers, fsprobe_statsBytes); fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } else if (fsprobe_debug) fprintf(stderr, "[%s] fsprobe_Results.stats allocated (%d bytes)\n", rn, fsprobe_statsBytes); fsprobe_probeOKBytes = a_numServers * sizeof(int); fsprobe_Results.probeOK = (int *)malloc(fsprobe_probeOKBytes); if (fsprobe_Results.probeOK == (int *)0) { fprintf(stderr, "[%s] Can't allocate %d probeOK array entries (%d bytes)\n", rn, a_numServers, fsprobe_probeOKBytes); fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } else if (fsprobe_debug) fprintf(stderr, "[%s] fsprobe_Results.probeOK allocated (%d bytes)\n", rn, fsprobe_probeOKBytes); fsprobe_Results.probeNum = 0; fsprobe_Results.probeTime = 0; memset(fsprobe_Results.stats, 0, (a_numServers * sizeof(struct ProbeViceStatistics))); /* * Initialize the Rx subsystem, just in case nobody's done it. */ if (fsprobe_debug) fprintf(stderr, "[%s] Initializing Rx\n", rn); PortToUse = FSPROBE_CBPORT; do { code = rx_Init(htons(PortToUse)); if (code) { if (code == RX_ADDRINUSE) { if (fsprobe_debug) fprintf(stderr, "[%s] Callback port %d in use, advancing\n", rn, PortToUse); PortToUse++; } else { fprintf(stderr, "[%s] Fatal error in rx_Init()\n", rn); return (-1); } } } while (code); if (fsprobe_debug) fprintf(stderr, "[%s] Rx initialized on port %d\n", rn, PortToUse); /* * Create a null Rx server security object, to be used by the * Callback listener. */ CBsecobj = rxnull_NewServerSecurityObject(); if (CBsecobj == (struct rx_securityClass *)0) { fprintf(stderr, "[%s] Can't create null security object for the callback listener.\n", rn); fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } if (fsprobe_debug) fprintf(stderr, "[%s] Callback server security object created\n", rn); /* * Create a null Rx client security object, to be used by the * probe LWP. */ secobj = rxnull_NewClientSecurityObject(); if (secobj == (struct rx_securityClass *)0) { fprintf(stderr, "[%s] Can't create client security object for probe LWP.\n", rn); fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } if (fsprobe_debug) fprintf(stderr, "[%s] Probe LWP client security object created\n", rn); curr_conn = fsprobe_ConnInfo; conn_err = 0; for (curr_srv = 0; curr_srv < a_numServers; curr_srv++) { /* * Copy in the socket info for the current server, resolve its * printable name if possible. */ if (fsprobe_debug) { fprintf(stderr, "[%s] Copying in the following socket info:\n", rn); fprintf(stderr, "[%s] IP addr 0x%x, port %d\n", rn, (a_socketArray + curr_srv)->sin_addr.s_addr, (a_socketArray + curr_srv)->sin_port); } memcpy(&(curr_conn->skt), a_socketArray + curr_srv, sizeof(struct sockaddr_in)); hostNameFound = hostutil_GetNameByINet(curr_conn->skt.sin_addr.s_addr); if (hostNameFound == NULL) { fprintf(stderr, "[%s] Can't map Internet address %u to a string name\n", rn, curr_conn->skt.sin_addr.s_addr); curr_conn->hostName[0] = '\0'; } else { strcpy(curr_conn->hostName, hostNameFound); if (fsprobe_debug) fprintf(stderr, "[%s] Host name for server index %d is %s\n", rn, curr_srv, curr_conn->hostName); } /* * Make an Rx connection to the current server. */ if (fsprobe_debug) fprintf(stderr, "[%s] Connecting to srv idx %d, IP addr 0x%x, port %d, service 1\n", rn, curr_srv, curr_conn->skt.sin_addr.s_addr, curr_conn->skt.sin_port); curr_conn->rxconn = rx_NewConnection(curr_conn->skt.sin_addr.s_addr, /*Server addr */ curr_conn->skt.sin_port, /*Server port */ 1, /*AFS service num */ secobj, /*Security object */ 0); /*Number of above */ if (curr_conn->rxconn == (struct rx_connection *)0) { fprintf(stderr, "[%s] Can't create Rx connection to server %s (%u)\n", rn, curr_conn->hostName, curr_conn->skt.sin_addr.s_addr); conn_err = 1; } if (fsprobe_debug) fprintf(stderr, "[%s] New connection at %p\n", rn, curr_conn->rxconn); /* * Make an Rx connection to the current volume server. */ if (fsprobe_debug) fprintf(stderr, "[%s] Connecting to srv idx %d, IP addr 0x%x, port %d, service 1\n", rn, curr_srv, curr_conn->skt.sin_addr.s_addr, htons(7005)); curr_conn->rxVolconn = rx_NewConnection(curr_conn->skt.sin_addr.s_addr, /*Server addr */ htons(AFSCONF_VOLUMEPORT), /*Volume Server port */ VOLSERVICE_ID, /*AFS service num */ secobj, /*Security object */ 0); /*Number of above */ if (curr_conn->rxVolconn == (struct rx_connection *)0) { fprintf(stderr, "[%s] Can't create Rx connection to volume server %s (%u)\n", rn, curr_conn->hostName, curr_conn->skt.sin_addr.s_addr); conn_err = 1; } else { int i, cnt; memset(&curr_conn->partList, 0, sizeof(struct partList)); curr_conn->partCnt = 0; i = XListPartitions(curr_conn->rxVolconn, &curr_conn->partList, &cnt); if (!i) { curr_conn->partCnt = cnt; } } if (fsprobe_debug) fprintf(stderr, "[%s] New connection at %p\n", rn, curr_conn->rxVolconn); /* * Bump the current fsprobe connection to set up. */ curr_conn++; } /*for curr_srv */ /* * Create the AFS callback service (listener). */ if (fsprobe_debug) fprintf(stderr, "[%s] Creating AFS callback listener\n", rn); rxsrv_afsserver = rx_NewService(0, /*Use default port */ 1, /*Service ID */ "afs", /*Service name */ &CBsecobj, /*Ptr to security object(s) */ 1, /*Number of security objects */ RXAFSCB_ExecuteRequest); /*Dispatcher */ if (rxsrv_afsserver == (struct rx_service *)0) { fprintf(stderr, "[%s] Can't create callback Rx service/listener\n", rn); fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } if (fsprobe_debug) fprintf(stderr, "[%s] Callback listener created\n", rn); /* * Start up the AFS callback service. */ if (fsprobe_debug) fprintf(stderr, "[%s] Starting up callback listener.\n", rn); rx_StartServer(0 /*Don't donate yourself to LWP pool */ ); /* * Start up the probe LWP. */ if (fsprobe_debug) fprintf(stderr, "[%s] Creating the probe LWP\n", rn); code = LWP_CreateProcess(fsprobe_LWP, /*Function to start up */ LWP_STACK_SIZE, /*Stack size in bytes */ 1, /*Priority */ (void *)0, /*Parameters */ "fsprobe Worker", /*Name to use */ &probeLWP_ID); /*Returned LWP process ID */ if (code) { fprintf(stderr, "[%s] Can't create fsprobe LWP! Error is %d\n", rn, code); fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */ return (code); } if (fsprobe_debug) fprintf(stderr, "[%s] Probe LWP process structure located at %p\n", rn, probeLWP_ID); #if 0 /* * Do I need to do this? */ if (fsprobe_debug) fprintf(stderr, "[%s] Calling osi_Wakeup()\n", rn); osi_Wakeup(&rxsrv_afsserver); /*Wake up anyone waiting for it */ #endif /* 0 */ /* * Return the final results. */ if (conn_err) return (-2); else return (0); } /*fsprobe_Init */
static int WorkerBee(struct cmd_syndesc *as, void *arock) { afs_int32 code, numClasses; struct rx_securityClass *(nullObjects[1]), **secObjs, **allObjs; struct rx_service *service; time_t tokenExpires; char cellName[64]; int localauth; /*process arguments */ afs_int32 portOffset = 0; #ifdef AFS_PTHREAD_ENV pthread_t dbWatcherPid; pthread_attr_t tattr; AFS_SIGSET_DECL; #else PROCESS dbWatcherPid; #endif char hoststr[16]; afs_uint32 host = htonl(INADDR_ANY); char *auditFileName = NULL; char *auditInterface = NULL; debugLevel = 0; /*initialize the error tables */ initialize_KA_error_table(); initialize_RXK_error_table(); initialize_KTC_error_table(); initialize_ACFG_error_table(); initialize_CMD_error_table(); initialize_VL_error_table(); initialize_BUTM_error_table(); initialize_BUTC_error_table(); #ifdef xbsa initialize_BUTX_error_table(); #endif /*xbs */ initialize_VOLS_error_table(); initialize_BUDB_error_table(); initialize_BUCD_error_table(); if (as->parms[0].items) { portOffset = SafeATOL(as->parms[0].items->data); if (portOffset == -1) { fprintf(stderr, "Illegal port offset '%s'\n", as->parms[0].items->data); exit(1); } else if (portOffset > BC_MAXPORTOFFSET) { fprintf(stderr, "%u exceeds max port offset %u\n", portOffset, BC_MAXPORTOFFSET); exit(1); } } xbsaType = XBSA_SERVER_TYPE_NONE; /* default */ if (as->parms[3].items) { /* -device */ globalTapeConfig.capacity = 0x7fffffff; /* 2T for max tape capacity */ globalTapeConfig.fileMarkSize = 0; globalTapeConfig.portOffset = portOffset; strncpy(globalTapeConfig.device, as->parms[3].items->data, 100); xbsaType = XBSA_SERVER_TYPE_NONE; /* Not XBSA */ } else { /* Search for an entry in tapeconfig file */ code = GetDeviceConfig(tapeConfigFile, &globalTapeConfig, portOffset); if (code == -1) { fprintf(stderr, "Problem in reading config file %s\n", tapeConfigFile); exit(1); } /* Set xbsaType. If code == 1, no entry was found in the tapeconfig file so * it's an XBSA server. Don't know if its ADSM or not so its unknown. */ xbsaType = ((code == 1) ? XBSA_SERVER_TYPE_UNKNOWN : XBSA_SERVER_TYPE_NONE); } if (as->parms[6].items) { /* -restoretofile */ restoretofile = strdup(as->parms[6].items->data); printf("Restore to file '%s'\n", restoretofile); } /* Go and read the config file: CFG_<device> or CFG_<port>. We will also set * the exact xbsaType within the call (won't be unknown) - double check. */ code = GetConfigParams(pFile, portOffset); if (code) exit(code); #ifdef xbsa if (xbsaType == XBSA_SERVER_TYPE_UNKNOWN) { printf ("\nConfiguration file error, the TYPE parameter must be specified, or\n"); printf("an entry must exist in %s for port %d\n", tapeConfigFile, portOffset); exit(1); } #else /* Not compiled for XBSA code so we can't support it */ if (CONF_XBSA) { printf("\nNo entry found in %s for port %d\n", tapeConfigFile, portOffset); printf("This binary does not have XBSA support\n"); exit(1); } #endif /* Open the log files. The pathnames were set in GetConfigParams() */ logIO = fopen(logFile, "a"); if (!logIO) { fprintf(stderr, "Failed to open %s\n", logFile); exit(1); } ErrorlogIO = fopen(ErrorlogFile, "a"); if (!ErrorlogIO) { fprintf(stderr, "Failed to open %s\n", ErrorlogFile); exit(1); } if (lastLog) { lastLogIO = fopen(lastLogFile, "a"); if (!lastLogIO) { fprintf(stderr, "Failed to open %s\n", lastLogFile); exit(1); } } if (centralLogFile) { struct stat sbuf; afs_int32 statcode; #ifndef AFS_NT40_ENV char *path; #endif statcode = stat(centralLogFile, &sbuf); centralLogIO = fopen(centralLogFile, "a"); if (!centralLogIO) { fprintf(stderr, "Failed to open %s; error %d\n", centralLogFile, errno); exit(1); } #ifndef AFS_NT40_ENV /* Make sure it is not in AFS, has to have been created first */ path = malloc(AFSDIR_PATH_MAX); if (path == NULL || !realpath(centralLogFile, path)) { fprintf(stderr, "Warning: can't determine real path of '%s' (%d)\n", centralLogFile, errno); } else { if (strncmp(path, "/afs/", 5) == 0) { fprintf(stderr, "The central log '%s' should not be in AFS\n", centralLogFile); exit(1); } } free(path); #endif /* Write header if created it */ if (statcode) { char *h1 = "TASK START DATE/TIME END DATE/TIME ELAPSED VOLUMESET\n"; char *h2 = "----- ------------------- ------------------- -------- ---------\n"; /* File didn't exist before so write the header lines */ fwrite(h1, strlen(h1), 1, centralLogIO); fwrite(h2, strlen(h2), 1, centralLogIO); fflush(centralLogIO); } } /* Open the configuration directory */ butc_confdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH); if (butc_confdir == NULL) { TLog(0, "Failed to open server configuration directory"); exit(1); } /* Start auditing */ osi_audit_init(); if (as->parms[9].items) { auditFileName = as->parms[9].items->data; } if (auditFileName != NULL) osi_audit_file(auditFileName); if (as->parms[10].items) { auditInterface = as->parms[10].items->data; if (osi_audit_interface(auditInterface)) { TLog(0, "Invalid audit interface '%s'\n", auditInterface); exit(1); } } osi_audit(TC_StartEvent, 0, AUD_END); osi_audit_set_user_check(butc_confdir, tc_IsLocalRealmMatch); if (as->parms[1].items) { debugLevel = SafeATOL(as->parms[1].items->data); if (debugLevel == -1) { TLog(0, "Illegal debug level '%s'\n", as->parms[1].items->data); exit(1); } } #ifdef xbsa /* Setup XBSA library interface */ if (CONF_XBSA) { afs_int32 rc; rc = xbsa_MountLibrary(&butxInfo, xbsaType); if (rc != XBSA_SUCCESS) { TapeLog(0, 0, rc, 0, "Unable to mount the XBSA library\n"); return (1); } forcemultiple = (as->parms[7].items ? 1 : 0);/*-xbsaforcemultiple */ if (forcemultiple) printf("Force XBSA multiple server support\n"); rc = InitToServer(0 /*taskid */ , &butxInfo, adsmServerName); if (rc != XBSA_SUCCESS) return (1); (void)signal(SIGINT, xbsa_shutdown); (void)signal(SIGHUP, xbsa_shutdown); } #endif /*xbsa */ /* cell switch */ if (as->parms[2].items) strncpy(cellName, as->parms[2].items->data, sizeof(cellName)); else cellName[0] = '\0'; if (as->parms[4].items) autoQuery = 0; localauth = (as->parms[5].items ? 1 : 0); rxBind = (as->parms[8].items ? 1 : 0); allow_unauth = (as->parms[11].items ? 1 : 0); if (!allow_unauth && !localauth) { const char *errstr = "Neither -localauth nor -allow_unauthenticated was provided; refusing to start in unintended insecure configuration\n"; TLog(0, "%s", (char *)errstr); exit(1); } if (rxBind) { afs_int32 ccode; if (AFSDIR_SERVER_NETRESTRICT_FILEPATH || AFSDIR_SERVER_NETINFO_FILEPATH) { char reason[1024]; ccode = afsconf_ParseNetFiles(SHostAddrs, NULL, NULL, ADDRSPERSITE, reason, AFSDIR_SERVER_NETINFO_FILEPATH, AFSDIR_SERVER_NETRESTRICT_FILEPATH); } else { ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE); } if (ccode == 1) host = SHostAddrs[0]; } TLog(0, "butc binding rx to %s:%d\n", afs_inet_ntoa_r(host, hoststr), BC_TAPEPORT + portOffset); code = rx_InitHost(host, htons(BC_TAPEPORT + portOffset)); if (code) { TapeLog(0, 0, code, 0, "rx init failed on port %u\n", BC_TAPEPORT + portOffset); exit(1); } rx_SetRxDeadTime(150); /* Establish connection with the vldb server */ code = vldbClientInit(0, localauth, cellName, &cstruct, &tokenExpires); if (code) { TapeLog(0, 0, code, 0, "Can't access vldb\n"); return code; } strcpy(globalCellName, cellName); /*initialize the dumpNode list */ InitNodeList(portOffset); deviceLatch = malloc(sizeof(struct deviceSyncNode)); Lock_Init(&(deviceLatch->lock)); deviceLatch->flags = 0; /* initialize database support, volume support, and logs */ /* * Create security objects for the Rx server functionality. Historically * this was a single rxnull security object, since the tape controller was * run by an operator that had local access to the tape device and some * administrative privilege in the cell (to be able to perform volume-level * accesses), but on a machine that was not necessarily trusted to hold the * cell-wide key. * * Such a configuration is, of course, insecure because anyone can make * inbound RPCs and manipulate the database, including creating bogus * dumps and restoring them! Additionally, in modern usage, butc is * frequently run with -localauth to authenticate its outbound connections * to the volservers and budb with the cell-wide key, in which case the * cell-wide key is present and could be used to authenticate incoming * connections as well. * * If -localauth is in use, create the full barrage of server security * objects, including rxkad, so that inbound connections can be verified * to only be made by authenticated clients. Otherwise, only the rxnull * class is in use with a single server security object. Note that butc * will refuse to start in this configuration unless the * "-allow_unauthenticated" flag is provided, indicating that the operator * has ensured that incoming connections are appropriately restricted by * firewall configuration or network topology. */ if (allow_unauth) { nullObjects[RX_SECIDX_NULL] = rxnull_NewServerSecurityObject(); if (!nullObjects[RX_SECIDX_NULL]) { TLog(0, "rxnull_NewServerSecurityObject"); exit(1); } numClasses = 1; secObjs = nullObjects; } else { /* Must be -localauth, so the cell keys are available. */ afsconf_BuildServerSecurityObjects(butc_confdir, &allObjs, &numClasses); secObjs = allObjs; } service = rx_NewServiceHost(host, 0, 1, "BUTC", secObjs, numClasses, TC_ExecuteRequest); if (!service) { TLog(0, "rx_NewService"); exit(1); } rx_SetMaxProcs(service, 4); /* Establish connection to the backup database */ code = udbClientInit(0, localauth, cellName); if (code) { TapeLog(0, 0, code, 0, "Can't access backup database\n"); exit(1); } /* This call is here to verify that we are authentiated. * The call does nothing and will return BUDB_NOTPERMITTED * if we don't belong. */ code = bcdb_deleteDump(0, 0, 0, 0); if (code == BUDB_NOTPERMITTED) { TapeLog(0, 0, code, 0, "Can't access backup database\n"); exit(1); } initStatus(); #ifdef AFS_PTHREAD_ENV code = pthread_attr_init(&tattr); if (code) { TapeLog(0, 0, code, 0, "Can't pthread_attr_init database monitor task"); exit(1); } code = pthread_attr_setdetachstate(&tattr, PTHREAD_CREATE_DETACHED); if (code) { TapeLog(0, 0, code, 0, "Can't pthread_attr_setdetachstate database monitor task"); exit(1); } AFS_SIGSET_CLEAR(); code = pthread_create(&dbWatcherPid, &tattr, dbWatcher, (void *)2); AFS_SIGSET_RESTORE(); #else code = LWP_CreateProcess(dbWatcher, 20480, LWP_NORMAL_PRIORITY, (void *)2, "dbWatcher", &dbWatcherPid); #endif if (code) { TapeLog(0, 0, code, 0, "Can't create database monitor task"); exit(1); } TLog(0, "Starting Tape Coordinator: Port offset %u Debug level %u\n", portOffset, debugLevel); TLog(0, "Token expires: %s\n", cTIME(&tokenExpires)); rx_StartServer(1); /* Donate this process to the server process pool */ TLog(0, "Error: StartServer returned"); exit(1); }
int xstat_fs_Init(int a_numServers, struct sockaddr_in *a_socketArray, int a_ProbeFreqInSecs, int (*a_ProbeHandler) (void), int a_flags, int a_numCollections, afs_int32 * a_collIDP) { static char rn[] = "xstat_fs_Init"; /*Routine name */ afs_int32 code; /*Return value */ static struct rx_securityClass *CBsecobj; /*Callback security object */ struct rx_securityClass *secobj; /*Client security object */ struct rx_service *rxsrv_afsserver; /*Server for AFS */ int arg_errfound; /*Argument error found? */ int curr_srv; /*Current server idx */ struct xstat_fs_ConnectionInfo *curr_conn; /*Ptr to current conn */ char *hostNameFound; /*Ptr to returned host name */ int conn_err; /*Connection error? */ int collIDBytes; /*Num bytes in coll ID array */ char hoststr[16]; /* * If we've already been called, snicker at the bozo, gently * remind him of his doubtful heritage, and return success. */ if (xstat_fs_initflag) { fprintf(stderr, "[%s] Called multiple times!\n", rn); return (0); } else xstat_fs_initflag = 1; /* * Check the parameters for bogosities. */ arg_errfound = 0; if (a_numServers <= 0) { fprintf(stderr, "[%s] Illegal number of servers: %d\n", rn, a_numServers); arg_errfound = 1; } if (a_socketArray == (struct sockaddr_in *)0) { fprintf(stderr, "[%s] Null server socket array argument\n", rn); arg_errfound = 1; } if (a_ProbeFreqInSecs <= 0) { fprintf(stderr, "[%s] Illegal probe frequency: %d\n", rn, a_ProbeFreqInSecs); arg_errfound = 1; } if (a_ProbeHandler == (int (*)())0) { fprintf(stderr, "[%s] Null probe handler function argument\n", rn); arg_errfound = 1; } if (a_numCollections <= 0) { fprintf(stderr, "[%s] Illegal collection count argument: %d\n", rn, a_numServers); arg_errfound = 1; } if (a_collIDP == NULL) { fprintf(stderr, "[%s] Null collection ID array argument\n", rn); arg_errfound = 1; } if (arg_errfound) return (-1); /* * Record our passed-in info. */ xstat_fs_debug = (a_flags & XSTAT_FS_INITFLAG_DEBUGGING); xstat_fs_oneShot = (a_flags & XSTAT_FS_INITFLAG_ONE_SHOT); xstat_fs_numServers = a_numServers; xstat_fs_Handler = a_ProbeHandler; xstat_fs_ProbeFreqInSecs = a_ProbeFreqInSecs; xstat_fs_numCollections = a_numCollections; collIDBytes = xstat_fs_numCollections * sizeof(afs_int32); xstat_fs_collIDP = malloc(collIDBytes); memcpy(xstat_fs_collIDP, a_collIDP, collIDBytes); if (xstat_fs_debug) { printf("[%s] Asking for %d collection(s): ", rn, xstat_fs_numCollections); for (curr_srv = 0; curr_srv < xstat_fs_numCollections; curr_srv++) printf("%d ", *(xstat_fs_collIDP + curr_srv)); printf("\n"); } /* * Get ready in case we have to do a cleanup - basically, zero * everything out. */ code = xstat_fs_CleanupInit(); if (code) return (code); /* * Allocate the necessary data structures and initialize everything * else. */ xstat_fs_ConnInfo = malloc(a_numServers * sizeof(struct xstat_fs_ConnectionInfo)); if (xstat_fs_ConnInfo == (struct xstat_fs_ConnectionInfo *)0) { fprintf(stderr, "[%s] Can't allocate %d connection info structs (%" AFS_SIZET_FMT " bytes)\n", rn, a_numServers, (a_numServers * sizeof(struct xstat_fs_ConnectionInfo))); return (-1); /*No cleanup needs to be done yet */ } /* * Initialize the Rx subsystem, just in case nobody's done it. */ if (xstat_fs_debug) printf("[%s] Initializing Rx\n", rn); code = rx_Init(0); if (code) { fprintf(stderr, "[%s] Fatal error in rx_Init()\n", rn); return (-1); } if (xstat_fs_debug) printf("[%s] Rx initialized\n", rn); /* * Create a null Rx server security object, to be used by the * Callback listener. */ CBsecobj = (struct rx_securityClass *) rxnull_NewServerSecurityObject(); if (CBsecobj == (struct rx_securityClass *)0) { fprintf(stderr, "[%s] Can't create callback listener's security object.\n", rn); xstat_fs_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } if (xstat_fs_debug) printf("[%s] Callback server security object created\n", rn); /* * Create a null Rx client security object, to be used by the * probe LWP. */ secobj = rxnull_NewClientSecurityObject(); if (secobj == (struct rx_securityClass *)0) { fprintf(stderr, "[%s] Can't create probe LWP client security object.\n", rn); xstat_fs_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } if (xstat_fs_debug) printf("[%s] Probe LWP client security object created\n", rn); curr_conn = xstat_fs_ConnInfo; conn_err = 0; for (curr_srv = 0; curr_srv < a_numServers; curr_srv++) { /* * Copy in the socket info for the current server, resolve its * printable name if possible. */ if (xstat_fs_debug) { char hoststr[16]; printf("[%s] Copying in the following socket info:\n", rn); printf("[%s] IP addr %s, port %d\n", rn, afs_inet_ntoa_r((a_socketArray + curr_srv)->sin_addr.s_addr,hoststr), ntohs((a_socketArray + curr_srv)->sin_port)); } memcpy(&(curr_conn->skt), a_socketArray + curr_srv, sizeof(struct sockaddr_in)); hostNameFound = hostutil_GetNameByINet(curr_conn->skt.sin_addr.s_addr); if (hostNameFound == NULL) { fprintf(stderr, "[%s] Can't map Internet address %s to a string name\n", rn, afs_inet_ntoa_r(curr_conn->skt.sin_addr.s_addr,hoststr)); curr_conn->hostName[0] = '\0'; } else { strcpy(curr_conn->hostName, hostNameFound); if (xstat_fs_debug) printf("[%s] Host name for server index %d is %s\n", rn, curr_srv, curr_conn->hostName); } /* * Make an Rx connection to the current server. */ if (xstat_fs_debug) printf ("[%s] Connecting to srv idx %d, IP addr %s, port %d, service 1\n", rn, curr_srv, afs_inet_ntoa_r(curr_conn->skt.sin_addr.s_addr,hoststr), ntohs(curr_conn->skt.sin_port)); curr_conn->rxconn = rx_NewConnection(curr_conn->skt.sin_addr.s_addr, /*Server addr */ curr_conn->skt.sin_port, /*Server port */ 1, /*AFS service # */ secobj, /*Security obj */ 0); /*# of above */ if (curr_conn->rxconn == (struct rx_connection *)0) { fprintf(stderr, "[%s] Can't create Rx connection to server '%s' (%s)\n", rn, curr_conn->hostName, afs_inet_ntoa_r(curr_conn->skt.sin_addr.s_addr,hoststr)); conn_err = 1; } if (xstat_fs_debug) printf("[%s] New connection at %" AFS_PTR_FMT "\n", rn, curr_conn->rxconn); /* * Bump the current xstat_fs connection to set up. */ curr_conn++; } /*for curr_srv */ /* * Create the AFS callback service (listener). */ if (xstat_fs_debug) printf("[%s] Creating AFS callback listener\n", rn); rxsrv_afsserver = rx_NewService(0, /*Use default port */ 1, /*Service ID */ "afs", /*Service name */ &CBsecobj, /*Ptr to security object(s) */ 1, /*# of security objects */ RXAFSCB_ExecuteRequest); /*Dispatcher */ if (rxsrv_afsserver == (struct rx_service *)0) { fprintf(stderr, "[%s] Can't create callback Rx service/listener\n", rn); xstat_fs_Cleanup(1); /*Delete already-malloc'ed areas */ return (-1); } if (xstat_fs_debug) printf("[%s] Callback listener created\n", rn); /* * Start up the AFS callback service. */ if (xstat_fs_debug) printf("[%s] Starting up callback listener.\n", rn); rx_StartServer(0); /*Don't donate yourself to LWP pool */ /* * Start up the probe LWP. */ if (xstat_fs_debug) printf("[%s] Creating the probe LWP\n", rn); code = LWP_CreateProcess(xstat_fs_LWP, /*Function to start up */ LWP_STACK_SIZE, /*Stack size in bytes */ 1, /*Priority */ (void *)0, /*Parameters */ "xstat_fs Worker", /*Name to use */ &probeLWP_ID); /*Returned LWP process ID */ if (code) { fprintf(stderr, "[%s] Can't create xstat_fs LWP! Error is %d\n", rn, code); xstat_fs_Cleanup(1); /*Delete already-malloc'ed areas */ return (code); } if (xstat_fs_debug) printf("[%s] Probe LWP process structure located at %" AFS_PTR_FMT "\n", rn, probeLWP_ID); /* * Return the final results. */ if (conn_err) return (-2); else return (0); }
void afspag_Init(afs_int32 nfs_server_addr) { struct clientcred ccred; struct rmtbulk idata, odata; afs_int32 code, err, addr, obuf; int i; afs_uuid_create(&afs_cb_interface.uuid); AFS_GLOCK(); afs_InitStats(); rx_Init(htons(7001)); AFS_STATCNT(afs_ResourceInit); AFS_RWLOCK_INIT(&afs_xuser, "afs_xuser"); AFS_RWLOCK_INIT(&afs_xpagcell, "afs_xpagcell"); AFS_RWLOCK_INIT(&afs_xpagsys, "afs_xpagsys"); AFS_RWLOCK_INIT(&afs_icl_lock, "afs_icl_lock"); afs_resourceinit_flag = 1; afs_nfs_server_addr = nfs_server_addr; for (i = 0; i < MAXNUMSYSNAMES; i++) { afs_sysnamelist[i] = afs_osi_Alloc(MAXSYSNAME); osi_Assert(afs_sysnamelist[i] != NULL); } afs_sysname = afs_sysnamelist[0]; strcpy(afs_sysname, SYS_NAME); afs_sysnamecount = 1; afs_sysnamegen++; srv_secobj = rxnull_NewServerSecurityObject(); stats_svc = rx_NewService(0, RX_STATS_SERVICE_ID, "rpcstats", &srv_secobj, 1, RXSTATS_ExecuteRequest); pagcb_svc = rx_NewService(0, PAGCB_SERVICEID, "pagcb", &srv_secobj, 1, PAGCB_ExecuteRequest); rx_StartServer(0); clt_secobj = rxnull_NewClientSecurityObject(); rmtsys_conn = rx_NewConnection(nfs_server_addr, htons(7009), RMTSYS_SERVICEID, clt_secobj, 0); #ifdef RXK_LISTENER_ENV afs_start_thread(rxk_Listener, "Rx Listener"); #endif afs_start_thread((void *)(void *)rx_ServerProc, "Rx Server Thread"); afs_start_thread(afs_rxevent_daemon, "Rx Event Daemon"); afs_start_thread(afs_Daemon, "AFS PAG Daemon"); afs_icl_InitLogs(); AFS_GUNLOCK(); /* If it's reachable, tell the translator to nuke our creds. * We should be more agressive about making sure this gets done, * even if the translator is unreachable when we boot. */ addr = obuf = err = 0; idata.rmtbulk_len = sizeof(addr); idata.rmtbulk_val = (char *)&addr; odata.rmtbulk_len = sizeof(obuf); odata.rmtbulk_val = (char *)&obuf; memset(&ccred, 0, sizeof(ccred)); code = RMTSYS_Pioctl(rmtsys_conn, &ccred, NIL_PATHP, 0x4F01, 0, &idata, &odata, &err); } /*afs_ResourceInit */