int main(int argc, char **argv) { char *whoami = argv[0]; char *dbNamePtr = 0; struct afsconf_cell cellinfo_s; struct afsconf_cell *cellinfo = NULL; time_t currentTime; afs_int32 code = 0; char hoststr[16]; afs_uint32 host = ntohl(INADDR_ANY); int r; char clones[MAXHOSTSPERCELL]; struct rx_service *tservice; struct rx_securityClass **securityClasses; afs_int32 numClasses; extern int rx_stackSize; #ifdef AFS_NT40_ENV /* initialize winsock */ if (afs_winsockInit() < 0) { ReportErrorEventAlt(AFSEVT_SVR_WINSOCK_INIT_FAILED, 0, argv[0], 0); fprintf(stderr, "%s: Couldn't initialize winsock.\n", whoami); exit(1); } #endif #ifdef AFS_AIX32_ENV /* * The following signal action for AIX is necessary so that in case of a * crash (i.e. core is generated) we can include the user's data section * in the core dump. Unfortunately, by default, only a partial core is * generated which, in many cases, isn't too useful. */ struct sigaction nsa; sigemptyset(&nsa.sa_mask); nsa.sa_handler = SIG_DFL; nsa.sa_flags = SA_FULLDUMP; sigaction(SIGSEGV, &nsa, NULL); sigaction(SIGABRT, &nsa, NULL); #endif memset(&cellinfo_s, 0, sizeof(cellinfo_s)); memset(clones, 0, sizeof(clones)); memset(&logopts, 0, sizeof(logopts)); logopts.lopt_dest = logDest_file; logopts.lopt_filename = AFSDIR_SERVER_BUDBLOG_FILEPATH; osi_audit_init(); osi_audit(BUDB_StartEvent, 0, AUD_END); initialize_BUDB_error_table(); initializeArgHandler(); /* Initialize dirpaths */ if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) { #ifdef AFS_NT40_ENV ReportErrorEventAlt(AFSEVT_SVR_NO_INSTALL_DIR, 0, argv[0], 0); #endif afs_com_err(whoami, errno, "; Unable to obtain AFS server directory."); exit(2); } memset(globalConfPtr, 0, sizeof(*globalConfPtr)); /* set default configuration values */ strcpy(dbDir, AFSDIR_SERVER_DB_DIRPATH); strcat(dbDir, "/"); globalConfPtr->databaseDirectory = dbDir; globalConfPtr->databaseName = DEFAULT_DBPREFIX; strcpy(cellConfDir, AFSDIR_SERVER_ETC_DIRPATH); globalConfPtr->cellConfigdir = cellConfDir; srandom(1); #ifdef AFS_PTHREAD_ENV SetLogThreadNumProgram( rx_GetThreadNum ); #endif /* process the user supplied args */ helpOption = 1; code = cmd_Dispatch(argc, argv); if (code) ERROR(code); /* exit if there was a help option */ if (helpOption) BUDB_EXIT(0); /* open the log file */ OpenLog(&logopts); /* open the cell's configuration directory */ LogDebug(4, "opening %s\n", globalConfPtr->cellConfigdir); BU_conf = afsconf_Open(globalConfPtr->cellConfigdir); if (BU_conf == 0) { LogError(code, "Failed getting cell info\n"); afs_com_err(whoami, code, "Failed getting cell info"); ERROR(BUDB_NOCELLS); } code = afsconf_GetLocalCell(BU_conf, lcell, sizeof(lcell)); if (code) { LogError(0, "** Can't determine local cell name!\n"); ERROR(code); } if (globalConfPtr->myHost == 0) { /* if user hasn't supplied a list of servers, extract server * list from the cell's database */ cellinfo = &cellinfo_s; LogDebug(1, "Using server list from %s cell database.\n", lcell); code = afsconf_GetExtendedCellInfo (BU_conf, lcell, 0, cellinfo, clones); if (code) { LogError(0, "Can't read cell information\n"); ERROR(code); } code = convert_cell_to_ubik(cellinfo, &globalConfPtr->myHost, globalConfPtr->serverList); if (code) ERROR(code); } /* initialize audit user check */ osi_audit_set_user_check(BU_conf, BU_IsLocalRealmMatch); /* initialize ubik */ ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, BU_conf); ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects, afsconf_CheckAuth, BU_conf); if (ubik_nBuffers == 0) ubik_nBuffers = 400; LogError(0, "Will allocate %d ubik buffers\n", ubik_nBuffers); r = asprintf(&dbNamePtr, "%s%s", globalConfPtr->databaseDirectory, globalConfPtr->databaseName); if (r < 0 || dbNamePtr == 0) ERROR(-1); rx_SetRxDeadTime(60); /* 60 seconds inactive before timeout */ if (rxBind) { afs_int32 ccode; if (AFSDIR_SERVER_NETRESTRICT_FILEPATH || AFSDIR_SERVER_NETINFO_FILEPATH) { char reason[1024]; ccode = afsconf_ParseNetFiles(SHostAddrs, NULL, NULL, ADDRSPERSITE, reason, AFSDIR_SERVER_NETINFO_FILEPATH, AFSDIR_SERVER_NETRESTRICT_FILEPATH); } else { ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE); } if (ccode == 1) { host = SHostAddrs[0]; } } Log("buserver binding rx to %s:%d\n", afs_inet_ntoa_r(host, hoststr), AFSCONF_BUDBPORT); code = rx_InitHost(host, htons(AFSCONF_BUDBPORT)); if (code) { LogError(code, "rx init failed\n"); afs_com_err(whoami, code, "rx init failed"); ERROR(code); } /* Disable jumbograms */ rx_SetNoJumbo(); if (cellinfo) { code = ubik_ServerInitByInfo(globalConfPtr->myHost, htons(AFSCONF_BUDBPORT), cellinfo, clones, dbNamePtr, /* name prefix */ &BU_dbase); } else { code = ubik_ServerInit(globalConfPtr->myHost, htons(AFSCONF_BUDBPORT), globalConfPtr->serverList, dbNamePtr, /* name prefix */ &BU_dbase); } if (code) { LogError(code, "Ubik init failed\n"); afs_com_err(whoami, code, "Ubik init failed"); ERROR(code); } afsconf_BuildServerSecurityObjects(BU_conf, &securityClasses, &numClasses); tservice = rx_NewServiceHost(host, 0, BUDB_SERVICE, "BackupDatabase", securityClasses, numClasses, BUDB_ExecuteRequest); if (tservice == (struct rx_service *)0) { LogError(0, "Could not create backup database rx service\n"); printf("Could not create backup database rx service\n"); BUDB_EXIT(3); } rx_SetMinProcs(tservice, 1); rx_SetMaxProcs(tservice, lwps); rx_SetStackSize(tservice, 10000); /* allow super users to manage RX statistics */ rx_SetRxStatUserOk(BU_rxstat_userok); /* misc. initialization */ /* database dump synchronization */ memset(dumpSyncPtr, 0, sizeof(*dumpSyncPtr)); Lock_Init(&dumpSyncPtr->ds_lock); rx_StartServer(0); /* start handling requests */ code = InitProcs(); if (code) ERROR(code); currentTime = time(0); LogError(0, "Ready to process requests at %s\n", ctime(¤tTime)); rx_ServerProc(NULL); /* donate this LWP */ error_exit: osi_audit(BUDB_FinishEvent, code, AUD_END); return (code); }
int main(int argc, char *argv[]) { afs_int32 code; char *whoami = argv[0]; afs_uint32 serverList[MAXSERVERS]; struct afsconf_cell cellinfo; char *cell; const char *cellservdb, *dbpath, *lclpath; int a; char arg[32]; char default_lclpath[AFSDIR_PATH_MAX]; int servers; int initFlags; int level; /* security level for Ubik */ afs_int32 i; char clones[MAXHOSTSPERCELL]; afs_uint32 host = ntohl(INADDR_ANY); char *auditFileName = NULL; struct rx_service *tservice; struct rx_securityClass *sca[1]; struct rx_securityClass *scm[3]; extern int rx_stackSize; #ifdef AFS_AIX32_ENV /* * The following signal action for AIX is necessary so that in case of a * crash (i.e. core is generated) we can include the user's data section * in the core dump. Unfortunately, by default, only a partial core is * generated which, in many cases, isn't too useful. */ struct sigaction nsa; sigemptyset(&nsa.sa_mask); nsa.sa_handler = SIG_DFL; nsa.sa_flags = SA_FULLDUMP; sigaction(SIGABRT, &nsa, NULL); sigaction(SIGSEGV, &nsa, NULL); #endif osi_audit_init(); if (argc == 0) { usage: printf("Usage: kaserver [-noAuth] [-database <dbpath>] " "[-auditlog <log path>] [-audit-interface <file|sysvmq>] " "[-rxbind] [-localfiles <lclpath>] [-minhours <n>] " "[-servers <serverlist>] [-crossrealm] " /*" [-enable_peer_stats] [-enable_process_stats] " */ "[-help]\n"); exit(1); } #ifdef AFS_NT40_ENV /* initialize winsock */ if (afs_winsockInit() < 0) { ReportErrorEventAlt(AFSEVT_SVR_WINSOCK_INIT_FAILED, 0, argv[0], 0); fprintf(stderr, "%s: Couldn't initialize winsock.\n", whoami); exit(1); } #endif /* Initialize dirpaths */ if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) { #ifdef AFS_NT40_ENV ReportErrorEventAlt(AFSEVT_SVR_NO_INSTALL_DIR, 0, argv[0], 0); #endif fprintf(stderr, "%s: Unable to obtain AFS server directory.\n", argv[0]); exit(2); } cellservdb = AFSDIR_SERVER_ETC_DIRPATH; dbpath = AFSDIR_SERVER_KADB_FILEPATH; strcompose(default_lclpath, AFSDIR_PATH_MAX, AFSDIR_SERVER_LOCAL_DIRPATH, "/", AFSDIR_KADB_FILE, NULL); lclpath = default_lclpath; debugOutput = 0; servers = 0; initFlags = 0; level = rxkad_crypt; for (a = 1; a < argc; a++) { int arglen = strlen(argv[a]); lcstring(arg, argv[a], sizeof(arg)); #define IsArg(a) (strncmp (arg,a, arglen) == 0) if (strcmp(arg, "-database") == 0) { dbpath = argv[++a]; if (strcmp(lclpath, default_lclpath) == 0) lclpath = dbpath; } else if (strncmp(arg, "-auditlog", arglen) == 0) { auditFileName = argv[++a]; } else if (strncmp(arg, "-audit-interface", arglen) == 0) { char *interface = argv[++a]; if (osi_audit_interface(interface)) { printf("Invalid audit interface '%s'\n", interface); exit(1); } } else if (strcmp(arg, "-localfiles") == 0) lclpath = argv[++a]; else if (strcmp(arg, "-servers") == 0) debugOutput++, servers = 1; else if (strcmp(arg, "-noauth") == 0) debugOutput++, initFlags |= 1; else if (strcmp(arg, "-fastkeys") == 0) debugOutput++, initFlags |= 4; else if (strcmp(arg, "-dbfixup") == 0) debugOutput++, initFlags |= 8; else if (strcmp(arg, "-cellservdb") == 0) { cellservdb = argv[++a]; initFlags |= 2; debugOutput++; } else if (IsArg("-crypt")) level = rxkad_crypt; else if (IsArg("-safe")) level = rxkad_crypt; else if (IsArg("-clear")) level = rxkad_clear; else if (IsArg("-sorry")) level = rxkad_clear; else if (IsArg("-debug")) verbose_track = 0; else if (IsArg("-crossrealm")) krb4_cross = 1; else if (IsArg("-rxbind")) rxBind = 1; else if (IsArg("-minhours")) { MinHours = atoi(argv[++a]); } else if (IsArg("-enable_peer_stats")) { rx_enablePeerRPCStats(); } else if (IsArg("-enable_process_stats")) { rx_enableProcessRPCStats(); } else if (*arg == '-') { /* hack to support help flag */ goto usage; } } if (auditFileName) { osi_audit_file(auditFileName); } if ((code = ka_CellConfig(cellservdb))) goto abort; cell = ka_LocalCell(); KA_conf = afsconf_Open(cellservdb); if (!KA_conf) { code = KANOCELLS; abort: afs_com_err(whoami, code, "Failed getting cell info"); exit(1); } #ifdef AUTH_DBM_LOG kalog_Init(); #else /* NT & HPUX do not have dbm package support. So we can only do some * text logging. So open the AuthLog file for logging and redirect * stdin and stdout to it */ OpenLog(AFSDIR_SERVER_KALOG_FILEPATH); SetupLogSignals(); #endif fprintf(stderr, "%s: WARNING: kaserver is deprecated due to its weak security " "properties. Migrating to a Kerberos 5 KDC is advised. " "http://www.openafs.org/no-more-des.html\n", whoami); ViceLog(0, ("WARNING: kaserver is deprecated due to its weak security properties. " "Migrating to a Kerberos 5 KDC is advised. " "http://www.openafs.org/no-more-des.html\n")); code = afsconf_GetExtendedCellInfo(KA_conf, cell, AFSCONF_KAUTHSERVICE, &cellinfo, clones); if (servers) { if ((code = ubik_ParseServerList(argc, argv, &myHost, serverList))) { afs_com_err(whoami, code, "Couldn't parse server list"); exit(1); } cellinfo.hostAddr[0].sin_addr.s_addr = myHost; for (i = 1; i < MAXSERVERS; i++) { if (!serverList[i]) break; cellinfo.hostAddr[i].sin_addr.s_addr = serverList[i]; } cellinfo.numServers = i; } else { code = convert_cell_to_ubik(&cellinfo, &myHost, serverList); if (code) goto abort; ViceLog(0, ("Using server list from %s cell database.\n", cell)); } /* initialize audit user check */ osi_audit_set_user_check(KA_conf, KA_IsLocalRealmMatch); /* initialize ubik */ if (level == rxkad_clear) ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, KA_conf); else if (level == rxkad_crypt) ubik_SetClientSecurityProcs(afsconf_ClientAuthSecure, afsconf_UpToDate, KA_conf); else { ViceLog(0, ("Unsupported security level %d\n", level)); exit(5); } ViceLog(0, ("Using level %s for Ubik connections.\n", (level == rxkad_crypt ? "crypt" : "clear"))); ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects, afsconf_CheckAuth, KA_conf); ubik_nBuffers = 80; if (rxBind) { afs_int32 ccode; if (AFSDIR_SERVER_NETRESTRICT_FILEPATH || AFSDIR_SERVER_NETINFO_FILEPATH) { char reason[1024]; ccode = parseNetFiles(SHostAddrs, NULL, NULL, ADDRSPERSITE, reason, AFSDIR_SERVER_NETINFO_FILEPATH, AFSDIR_SERVER_NETRESTRICT_FILEPATH); } else { ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE); } if (ccode == 1) { host = SHostAddrs[0]; rx_InitHost(host, htons(AFSCONF_KAUTHPORT)); } } /* Disable jumbograms */ rx_SetNoJumbo(); if (servers) code = ubik_ServerInit(myHost, htons(AFSCONF_KAUTHPORT), serverList, dbpath, &KA_dbase); else code = ubik_ServerInitByInfo(myHost, htons(AFSCONF_KAUTHPORT), &cellinfo, clones, dbpath, &KA_dbase); if (code) { afs_com_err(whoami, code, "Ubik init failed"); exit(2); } sca[RX_SCINDEX_NULL] = rxnull_NewServerSecurityObject(); tservice = rx_NewServiceHost(host, 0, KA_AUTHENTICATION_SERVICE, "AuthenticationService", sca, 1, KAA_ExecuteRequest); if (tservice == (struct rx_service *)0) { ViceLog(0, ("Could not create Authentication rx service\n")); exit(3); } rx_SetMinProcs(tservice, 1); rx_SetMaxProcs(tservice, 1); tservice = rx_NewServiceHost(host, 0, KA_TICKET_GRANTING_SERVICE, "TicketGrantingService", sca, 1, KAT_ExecuteRequest); if (tservice == (struct rx_service *)0) { ViceLog(0, ("Could not create Ticket Granting rx service\n")); exit(3); } rx_SetMinProcs(tservice, 1); rx_SetMaxProcs(tservice, 1); scm[RX_SCINDEX_NULL] = sca[RX_SCINDEX_NULL]; scm[RX_SCINDEX_VAB] = 0; scm[RX_SCINDEX_KAD] = rxkad_NewServerSecurityObject(rxkad_crypt, 0, kvno_admin_key, 0); tservice = rx_NewServiceHost(host, 0, KA_MAINTENANCE_SERVICE, "Maintenance", scm, 3, KAM_ExecuteRequest); if (tservice == (struct rx_service *)0) { ViceLog(0, ("Could not create Maintenance rx service\n")); exit(3); } rx_SetMinProcs(tservice, 1); rx_SetMaxProcs(tservice, 1); rx_SetStackSize(tservice, 10000); tservice = rx_NewServiceHost(host, 0, RX_STATS_SERVICE_ID, "rpcstats", scm, 3, RXSTATS_ExecuteRequest); if (tservice == (struct rx_service *)0) { ViceLog(0, ("Could not create rpc stats rx service\n")); exit(3); } rx_SetMinProcs(tservice, 2); rx_SetMaxProcs(tservice, 4); initialize_dstats(); /* allow super users to manage RX statistics */ rx_SetRxStatUserOk(KA_rxstat_userok); rx_StartServer(0); /* start handling req. of all types */ if (init_kaprocs(lclpath, initFlags)) return -1; if ((code = init_krb_udp())) { ViceLog(0, ("Failed to initialize UDP interface; code = %d.\n", code)); ViceLog(0, ("Running without UDP access.\n")); } ViceLog(0, ("Starting to process AuthServer requests\n")); rx_ServerProc(NULL); /* donate this LWP */ return 0; }
int main(int argc, char **argv) { afs_int32 code, i; afs_uint32 serverList[MAXSERVERS]; afs_uint32 myHost; struct rx_service *tservice; struct rx_securityClass *sc[2]; char dbfileName[128]; if (argc == 1) { printf("usage: userver -servers <serverlist> {-sleep <sleeptime>}\n"); exit(0); } #ifdef AFS_NT40_ENV /* initialize winsock */ if (afs_winsockInit() < 0) return -1; #endif /* parse our own local arguments */ sleepTime = 0; for (i = 1; i < argc; i++) { if (strcmp(argv[i], "-sleep") == 0) { if (i >= argc - 1) { printf("missing time in -sleep argument\n"); exit(1); } sleepTime = atoi(argv[i + 1]); i++; } } /* call routine to parse command line -servers switch, filling in * myHost and serverList arrays appropriately */ code = ubik_ParseServerList(argc, argv, &myHost, serverList); if (code) { printf("could not parse server list, code %d\n", code); exit(1); } /* call ServerInit with the values from ParseServerList. Also specify the * name to use for the database files (/tmp/testdb), and the port (3000) * for RPC requests. ServerInit returns a pointer to the database (in * dbase), which is required for creating new transactions */ sprintf(dbfileName, "%s/testdb", gettmpdir()); code = ubik_ServerInit(myHost, htons(3000), serverList, dbfileName, &dbase); if (code) { printf("ubik init failed with code %d\n", code); exit(1); } sc[0] = rxnull_NewServerSecurityObject(); #if 0 sc[1] = rxvab_NewServerSecurityObject("applexx", 0); #endif tservice = rx_NewService(0, USER_SERVICE_ID, "Sample", sc, 1 /*2 */ , SAMPLE_ExecuteRequest); if (tservice == (struct rx_service *)0) { printf("Could not create SAMPLE rx service\n"); exit(3); } rx_SetMinProcs(tservice, 2); rx_SetMaxProcs(tservice, 3); rx_StartServer(1); /* Why waste this idle process?? */ return 0; }