#include <afsconfig.h>
#include <afs/param.h>
-RCSID
- ("$Header$");
#include <afs/stds.h>
#include <stdlib.h>
int aint32p, int firstTime);
#include "bosint.h"
+#include "bosprototypes.h"
/* command offsets for bos salvage command */
#define MRAFS_OFFSET 10
return tbuffer;
}
-/* global stuff from main for communicating with GetConn */
-static struct rx_securityClass *sc[3];
-static int scIndex;
/* use the syntax descr to get a connection, authenticated appropriately.
* aencrypt is set if we want to encrypt the data on the wire.
{
struct hostent *th;
char *hostname;
+ char *cellname = NULL;
+ const char *confdir;
register afs_int32 code;
register struct rx_connection *tconn;
afs_int32 addr;
- register struct afsconf_dir *tdir;
- int encryptLevel;
- struct ktc_principal sname;
- struct ktc_token ttoken;
- int localauth;
- const char *confdir;
+ struct afsconf_dir *tdir = NULL;
+ afsconf_secflags secFlags;
+ struct rx_securityClass *sc;
+ afs_int32 scIndex;
hostname = as->parms[0].items->data;
th = hostutil_GetHostByName(hostname);
}
memcpy(&addr, th->h_addr, sizeof(afs_int32));
- /* get tokens for making authenticated connections */
- localauth = (as->parms[ADDPARMOFFSET + 2].items != 0);
- confdir =
- (localauth ? AFSDIR_SERVER_ETC_DIRPATH : AFSDIR_CLIENT_ETC_DIRPATH);
- tdir = afsconf_Open(confdir);
- if (tdir) {
- struct afsconf_cell info;
- char *tname;
+ secFlags = AFSCONF_SECOPTS_FALLBACK_NULL;
- if (as->parms[ADDPARMOFFSET].items)
- tname = as->parms[ADDPARMOFFSET].items->data;
- else
- tname = NULL;
- /* next call expands cell name abbrevs for us and handles looking up
- * local cell */
- code = afsconf_GetCellInfo(tdir, tname, NULL, &info);
- if (code) {
- afs_com_err("bos", code, "(can't find cell '%s' in cell database)",
- (tname ? tname : "<default>"));
- exit(1);
- } else
- strcpy(sname.cell, info.name);
+ if (as->parms[ADDPARMOFFSET + 2].items) { /* -localauth */
+ secFlags |= AFSCONF_SECOPTS_LOCALAUTH;
+ confdir = AFSDIR_SERVER_ETC_DIRPATH;
} else {
- printf("bos: can't open cell database (%s)\n", confdir);
- exit(1);
+ confdir = AFSDIR_CLIENT_ETC_DIRPATH;
}
- sname.instance[0] = 0;
- strcpy(sname.name, "afs");
- sc[0] = rxnull_NewClientSecurityObject();
- sc[1] = 0;
- sc[2] = 0;
- scIndex = 0;
- if (!as->parms[ADDPARMOFFSET + 1].items) { /* not -noauth */
- if (as->parms[ADDPARMOFFSET + 2].items) { /* -localauth */
- code = afsconf_GetLatestKey(tdir, 0, 0);
- if (code)
- afs_com_err("bos", code, "(getting key from local KeyFile)");
- else {
- if (aencrypt)
- code = afsconf_ClientAuthSecure(tdir, &sc[2], &scIndex);
- else
- code = afsconf_ClientAuth(tdir, &sc[2], &scIndex);
- if (code)
- afs_com_err("bos", code, "(calling ClientAuth)");
- else if (scIndex != 2) /* this shouldn't happen */
- sc[scIndex] = sc[2];
- }
- } else { /* not -localauth, check for tickets */
- code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL);
- if (code == 0) {
- /* have tickets, will travel */
- if (ttoken.kvno >= 0 && ttoken.kvno <= 256);
- else {
- fprintf(stderr,
- "bos: funny kvno (%d) in ticket, proceeding\n",
- ttoken.kvno);
- }
- /* kerberos tix */
- if (aencrypt)
- encryptLevel = rxkad_crypt;
- else
- encryptLevel = rxkad_clear;
- sc[2] = (struct rx_securityClass *)
- rxkad_NewClientSecurityObject(encryptLevel,
- &ttoken.sessionKey,
- ttoken.kvno,
- ttoken.ticketLen,
- ttoken.ticket);
- scIndex = 2;
- } else
- afs_com_err("bos", code, "(getting tickets)");
- }
- if ((scIndex == 0) || (sc[scIndex] == 0)) {
- fprintf(stderr, "bos: running unauthenticated\n");
- scIndex = 0;
+ if (as->parms[ADDPARMOFFSET + 1].items) { /* -noauth */
+ secFlags |= AFSCONF_SECOPTS_NOAUTH;
+ } else {
+ /* If we're running with -noauth, we don't need a configuration
+ * directory */
+ tdir = afsconf_Open(confdir);
+ if (tdir == NULL) {
+ printf("bos: can't open cell database (%s)\n", confdir);
+ exit(1);
}
}
+
+ if (as->parms[ADDPARMOFFSET].items) /* -cell */
+ cellname = as->parms[ADDPARMOFFSET].items->data;
+
+ code = afsconf_PickClientSecObj(tdir, secFlags, NULL, cellname,
+ &sc, &scIndex, NULL);
+ if (code) {
+ afs_com_err("bos", code, "(configuring connection security)");
+ exit(1);
+ }
+
+ if (scIndex == RX_SECIDX_NULL)
+ fprintf(stderr, "bos: running unauthenticated\n");
+
tconn =
- rx_NewConnection(addr, htons(AFSCONF_NANNYPORT), 1, sc[scIndex],
- scIndex);
+ rx_NewConnection(addr, htons(AFSCONF_NANNYPORT), 1, sc, scIndex);
if (!tconn) {
fprintf(stderr, "bos: could not create rx connection\n");
exit(1);
}
- rxs_Release(sc[scIndex]);
+ rxs_Release(sc);
return tconn;
}
ka_StringToKey(buf, tcell, &tkey);
}
tconn = GetConn(as, 1);
- code = BOZO_AddKey(tconn, temp, &tkey);
+ code = BOZO_AddKey(tconn, temp, ktc_to_bozoptr(&tkey));
if (code) {
printf("bos: failed to set key %d (%s)\n", temp, em(code));
exit(1);
tconn = GetConn(as, 1);
everWorked = 0;
for (i = 0;; i++) {
- code = BOZO_ListKeys(tconn, i, &kvno, &tkey, &keyInfo);
+ code = BOZO_ListKeys(tconn, i, &kvno, ktc_to_bozoptr(&tkey), &keyInfo);
if (code)
break;
everWorked = 1;
/* first check if key is returned */
- if ((!ka_KeyIsZero(&tkey, sizeof(tkey))) && (as->parms[1].items)) {
+ if ((!ka_KeyIsZero(ktc_to_charptr(&tkey), sizeof(tkey))) && (as->parms[1].items)) {
printf("key %d is '", kvno);
- ka_PrintBytes(&tkey, sizeof(tkey));
+ ka_PrintBytes(ktc_to_charptr(&tkey), sizeof(tkey));
printf("'\n");
} else {
if (keyInfo.keyCheckSum == 0) /* shouldn't happen */
printf("bos: command line too big\n");
return (E2BIG);
}
- strcat(tbuffer, " -f ");
+ strcat(tbuffer, " -force ");
strcat(tbuffer, partName);
}
if (mrafsParm->OptDontAskFS)
strcat(tbuffer, " -DontAskFS");
if (mrafsParm->OptLogLevel) {
- sprintf(pbuffer, " -LogLevel %ld", (long int) mrafsParm->OptLogLevel);
+ sprintf(pbuffer, " -LogLevel %ld", afs_printable_int32_ld(mrafsParm->OptLogLevel));
strcat(tbuffer, pbuffer);
}
if (mrafsParm->OptRxDebug)
strcat(tbuffer, " -rxdebug");
if (mrafsParm->OptResidencies) {
sprintf(pbuffer, " -Residencies %lu",
- (long unsigned int) mrafsParm->OptResidencies);
+ afs_printable_uint32_lu(mrafsParm->OptResidencies));
strcat(tbuffer, pbuffer);
}
}
return 0;
}
-#ifdef BOS_RESTRICTED_MODE
static int
GetRestrict(struct cmd_syndesc *as, void *arock)
{
printf("bos: failed to set restricted mode (%s)\n", em(code));
return 0;
}
-#endif
static void
add_std_args(register struct cmd_syndesc *ts)
cmd_AddParm(ts, "-newbinary", CMD_FLAG, CMD_OPTIONAL,
"set new binary restart time");
add_std_args(ts);
+ cmd_CreateAlias(ts, "setr");
ts = cmd_CreateSyntax("getrestart", GetRestartCmd, NULL,
"get restart times");
cmd_AddParm(ts, "-server", CMD_SINGLE, CMD_REQUIRED, "machine name");
add_std_args(ts);
+ cmd_CreateAlias(ts, "getr");
ts = cmd_CreateSyntax("salvage", SalvageCmd, NULL,
"salvage partition or volumes");
cmd_AddParm(ts, "-server", CMD_SINGLE, CMD_REQUIRED, "machine name");
add_std_args(ts);
-#ifdef BOS_RESTRICTED_MODE
ts = cmd_CreateSyntax("getrestricted", GetRestrict, NULL,
"get restrict mode");
cmd_AddParm(ts, "-server", CMD_SINGLE, 0, "machine name");
cmd_AddParm(ts, "-mode", CMD_SINGLE, 0, "mode to set");
add_std_args(ts);
#endif
-#endif
code = cmd_Dispatch(argc, argv);
rx_Finalize();