/*
* Copyright 2000, International Business Machines Corporation and others.
* All Rights Reserved.
- *
+ *
* This software has been released under the terms of the IBM Public
* License. For details, see the LICENSE file in the top-level source
* directory or online at http://www.openafs.org/dl/license10.html
* is a member of (since the entries field is used to
* list it's members). This new field is supergroups and
* has two entries. If more are required, a continuation
- * record is formed.
+ * record is formed.
* There are two additional fields required, nextsg is
* an address of the next continuation record for this
- * group, and countsg is the count for the number of
+ * group, and countsg is the count for the number of
* groups this group is a member of.
- *
+ *
*
*
* 09/18/95 jjm Add mdw's changes to afs-3.3a Changes:
#include <afsconfig.h>
#include <afs/param.h>
+#include <afs/stds.h>
+#include <roken.h>
-#include <afs/stds.h>
-#ifdef AFS_AIX32_ENV
-#include <signal.h>
-#endif
-#include <sys/types.h>
-#include <stdio.h>
-#include <fcntl.h>
-#include <sys/stat.h>
#ifdef AFS_NT40_ENV
-#include <winsock2.h>
#include <WINNT/afsevent.h>
-#else
-#include <netdb.h>
-#include <netinet/in.h>
#endif
-#include <string.h>
+
#include <rx/xdr.h>
#include <rx/rx.h>
#include <rx/rx_globals.h>
+#include <rx/rxstat.h>
#include <lock.h>
#include <ubik.h>
#include <afs/cellconfig.h>
#include <afs/auth.h>
#include <afs/keys.h>
+#include <afs/afsutil.h>
+#include <afs/audit.h>
+#include <afs/com_err.h>
+
#include "ptserver.h"
#include "ptprototypes.h"
#include "error_macros.h"
-#include "afs/audit.h"
-#include <afs/afsutil.h>
-#include <afs/com_err.h>
-#include <rx/rxstat.h>
/* make all of these into a structure if you want */
struct prheader cheader;
extern afs_int32 depthsg;
#endif
-int pr_realmNameLen;
char *pr_realmName;
int debuglevel = 0;
int
main(int argc, char **argv)
{
- register afs_int32 code;
- afs_int32 myHost;
- register struct hostent *th;
+ afs_int32 code;
+ afs_uint32 myHost;
+ struct hostent *th;
char hostname[64];
struct rx_service *tservice;
- struct rx_securityClass *sc[3];
- extern int RXSTATS_ExecuteRequest(struct rx_call *);
-#if 0
- struct ktc_encryptionKey tkey;
-#endif
- int kerberosKeys; /* set if found some keys */
+ struct rx_securityClass **securityClasses;
+ afs_int32 numClasses;
int lwps = 3;
char clones[MAXHOSTSPERCELL];
afs_uint32 host = htonl(INADDR_ANY);
const char *pr_dbaseName;
+ const char *configDir;
+ const char *logFile;
char *whoami = "ptserver";
int a;
char arg[100];
+ char *auditFileName = NULL;
+
#ifdef AFS_AIX32_ENV
/*
- * The following signal action for AIX is necessary so that in case of a
- * crash (i.e. core is generated) we can include the user's data section
+ * The following signal action for AIX is necessary so that in case of a
+ * crash (i.e. core is generated) we can include the user's data section
* in the core dump. Unfortunately, by default, only a partial core is
* generated which, in many cases, isn't too useful.
*/
}
pr_dbaseName = AFSDIR_SERVER_PRDB_FILEPATH;
+ configDir = AFSDIR_SERVER_ETC_DIRPATH;
+ logFile = AFSDIR_SERVER_PTLOG_FILEPATH;
#if defined(SUPERGROUPS)
/* make sure the structures for database records are the same size */
|| (sizeof(struct prentryg) != ENTRYSIZE)) {
fprintf(stderr,
"The structures for the database records are different"
- " sizes\n" "struct prentry = %d\n" "struct prentryg = %d\n"
+ " sizes\n" "struct prentry = %" AFS_SIZET_FMT "\n"
+ "struct prentryg = %" AFS_SIZET_FMT "\n"
"ENTRYSIZE = %d\n", sizeof(struct prentry),
sizeof(struct prentryg), ENTRYSIZE);
PT_EXIT(1);
alen = strlen(arg);
if (strcmp(argv[a], "-d") == 0) {
if ((a + 1) >= argc) {
- fprintf(stderr, "missing argument for -d\n");
- return -1;
+ fprintf(stderr, "missing argument for -d\n");
+ return -1;
}
debuglevel = atoi(argv[++a]);
LogLevel = debuglevel;
lwps, 3);
lwps = 3;
}
- } else if (strncmp(arg, "-rebuild", alen) == 0) /* rebuildDB++ */
- ;
#if defined(SUPERGROUPS)
- else if ((strncmp(arg, "-groupdepth", alen) == 0)
+ } else if ((strncmp(arg, "-groupdepth", alen) == 0)
|| (strncmp(arg, "-depth", alen) == 0)) {
depthsg = atoi(argv[++a]); /* Max search depth for supergroups */
- }
#endif
- else if (strncmp(arg, "-default_access", alen) == 0) {
+ } else if (strncmp(arg, "-default_access", alen) == 0) {
prp_user_default = prp_access_mask(argv[++a]);
prp_group_default = prp_access_mask(argv[++a]);
}
}
#endif
else if (strncmp(arg, "-auditlog", alen) == 0) {
- char *fileName = argv[++a];
+ auditFileName = argv[++a];
- osi_audit_file(fileName);
- osi_audit(PTS_StartEvent, 0, AUD_END);
+ } else if (strncmp(arg, "-audit-interface", alen) == 0) {
+ char *interface = argv[++a];
+ if (osi_audit_interface(interface)) {
+ printf("Invalid audit interface '%s'\n", interface);
+ PT_EXIT(1);
+ }
}
else if (!strncmp(arg, "-rxmaxmtu", alen)) {
if ((a + 1) >= argc) {
rxMaxMTU = atoi(argv[++a]);
if ((rxMaxMTU < RX_MIN_PACKET_SIZE) ||
(rxMaxMTU > RX_MAX_PACKET_DATA_SIZE)) {
- printf("rxMaxMTU %d invalid; must be between %d-%lu\n",
+ printf("rxMaxMTU %d invalid; must be between %d-%" AFS_SIZET_FMT "\n",
rxMaxMTU, RX_MIN_PACKET_SIZE,
RX_MAX_PACKET_DATA_SIZE);
PT_EXIT(1);
}
- }
+ } else if (!strncmp(arg, "-config", alen)) {
+ if ((a + 1) > argc) {
+ fprintf(stderr, "missing argument for -config\n");
+ PT_EXIT(1);
+ }
+ configDir = argv[++a];
+ } else if (!strncmp(arg, "-logfile", alen)) {
+ if ((a + 1) > argc) {
+ fprintf(stderr, "missing argument for -logfile\n");
+ PT_EXIT(1);
+ }
+ logFile = argv[++a];
+ }
else if (*arg == '-') {
/* hack in help flag support */
-
-#if defined(SUPERGROUPS)
-#ifndef AFS_NT40_ENV
printf("Usage: ptserver [-database <db path>] "
"[-auditlog <log path>] "
- "[-syslog[=FACILITY]] [-d <debug level>] "
- "[-p <number of processes>] [-rebuild] "
- "[-groupdepth <depth>] "
- "[-restricted] [-rxmaxmtu <bytes>] [-rxbind] "
- "[-allow-dotted-principals] "
- "[-enable_peer_stats] [-enable_process_stats] "
- "[-default_access default_user_access default_group_access] "
- "[-help]\n");
-#else /* AFS_NT40_ENV */
- printf("Usage: ptserver [-database <db path>] "
- "[-auditlog <log path>] [-d <debug level>] "
- "[-p <number of processes>] [-rebuild] [-rxbind] "
- "[-allow-dotted-principals] "
- "[-default_access default_user_access default_group_access] "
- "[-restricted] [-rxmaxmtu <bytes>] [-rxbind] "
- "[-groupdepth <depth>] " "[-help]\n");
-#endif
-#else
+ "[-audit-interface <file|sysvmq> (default is file)] "
+ "[-config <config directory path>] "
+ "[-logfile <log file path>] ");
#ifndef AFS_NT40_ENV
- printf("Usage: ptserver [-database <db path>] "
- "[-auditlog <log path>] [-d <debug level>] "
- "[-syslog[=FACILITY]] "
- "[-p <number of processes>] [-rebuild] "
- "[-enable_peer_stats] [-enable_process_stats] "
- "[-default_access default_user_access default_group_access] "
- "[-restricted] [-rxmaxmtu <bytes>] [-rxbind] "
- "[-allow-dotted-principals] "
- "[-help]\n");
-#else /* AFS_NT40_ENV */
- printf("Usage: ptserver [-database <db path>] "
- "[-auditlog <log path>] [-d <debug level>] "
- "[-default_access default_user_access default_group_access] "
- "[-restricted] [-rxmaxmtu <bytes>] [-rxbind] "
- "[-allow-dotted-principals] "
- "[-p <number of processes>] [-rebuild] " "[-help]\n");
+ printf("[-syslog[=FACILITY]] ");
#endif
+ printf("[-d <debug level>] "
+ "[-p <number of processes>] [-rebuild] [-rxbind] ");
+#if defined(SUPERGROUPS)
+ printf("[-groupdepth <depth>] ");
+#endif
+ printf("[-restricted] [-rxmaxmtu <bytes>] "
+ "[-allow-dotted-principals] ");
+#ifndef AFS_NT40_ENV
+ printf("[-enable_peer_stats] [-enable_process_stats] ");
#endif
+ printf("[-default_access default_user_access default_group_access] "
+ "[-help]\n");
+
fflush(stdout);
PT_EXIT(1);
}
-#if defined(SUPERGROUPS)
else {
fprintf(stderr, "Unrecognized arg: '%s' ignored!\n", arg);
}
-#endif
+ }
+
+ if (auditFileName) {
+ osi_audit_file(auditFileName);
+ osi_audit(PTS_StartEvent, 0, AUD_END);
}
#ifndef AFS_NT40_ENV
serverLogSyslogTag = "ptserver";
#endif
- OpenLog(AFSDIR_SERVER_PTLOG_FILEPATH); /* set up logging */
+ OpenLog(logFile); /* set up logging */
SetupLogSignals();
- prdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH);
+ prdir = afsconf_Open(configDir);
if (!prdir) {
fprintf(stderr, "ptserver: can't open configuration directory.\n");
PT_EXIT(1);
fprintf(stderr, "ptserver: couldn't get address of this host.\n");
PT_EXIT(1);
}
- memcpy(&myHost, th->h_addr, sizeof(afs_int32));
+ memcpy(&myHost, th->h_addr, sizeof(afs_uint32));
/* get list of servers */
code =
- afsconf_GetExtendedCellInfo(prdir, NULL, "afsprot", &info, &clones);
+ afsconf_GetExtendedCellInfo(prdir, NULL, "afsprot", &info, clones);
if (code) {
afs_com_err(whoami, code, "Couldn't get server list");
PT_EXIT(2);
}
pr_realmName = info.name;
- pr_realmNameLen = strlen(pr_realmName);
-#if 0
- /* get keys */
- code = afsconf_GetKey(prdir, 999, &tkey);
- if (code) {
- afs_com_err(whoami, code,
- "couldn't get bcrypt keys from key file, ignoring.");
- }
-#endif
- {
- afs_int32 kvno; /* see if there is a KeyFile here */
- struct ktc_encryptionKey key;
- code = afsconf_GetLatestKey(prdir, &kvno, &key);
- kerberosKeys = (code == 0);
- if (!kerberosKeys)
- printf
- ("ptserver: can't find any Kerberos keys, code = %d, ignoring\n",
- code);
- }
- if (kerberosKeys) {
- /* initialize ubik */
- ubik_CRXSecurityProc = afsconf_ClientAuth;
- ubik_CRXSecurityRock = prdir;
- ubik_SRXSecurityProc = afsconf_ServerAuth;
- ubik_SRXSecurityRock = prdir;
- ubik_CheckRXSecurityProc = afsconf_CheckAuth;
- ubik_CheckRXSecurityRock = prdir;
- }
+ /* initialize ubik */
+ ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, prdir);
+ ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects,
+ afsconf_CheckAuth, prdir);
+
/* The max needed is when deleting an entry. A full CoEntry deletion
* required removal from 39 entries. Each of which may refers to the entry
* being deleted in one of its CoEntries. If a CoEntry is freed its
if (rxBind) {
afs_int32 ccode;
- if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
+ if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
AFSDIR_SERVER_NETINFO_FILEPATH) {
char reason[1024];
ccode = parseNetFiles(SHostAddrs, NULL, NULL,
ADDRSPERSITE, reason,
AFSDIR_SERVER_NETINFO_FILEPATH,
AFSDIR_SERVER_NETRESTRICT_FILEPATH);
- } else
+ } else
{
ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE);
}
pt_hook_write();
#endif
- sc[0] = rxnull_NewServerSecurityObject();
- sc[1] = 0;
- if (kerberosKeys) {
- sc[2] = rxkad_NewServerSecurityObject(0, prdir, afsconf_GetKey, NULL);
- } else
- sc[2] = sc[0];
+ afsconf_BuildServerSecurityObjects(prdir, &securityClasses, &numClasses);
/* Disable jumbograms */
rx_SetNoJumbo();
}
tservice =
- rx_NewServiceHost(host, 0, PRSRV, "Protection Server", sc, 3,
- PR_ExecuteRequest);
+ rx_NewServiceHost(host, 0, PRSRV, "Protection Server", securityClasses,
+ numClasses, PR_ExecuteRequest);
if (tservice == (struct rx_service *)0) {
fprintf(stderr, "ptserver: Could not create new rx service.\n");
PT_EXIT(3);
}
tservice =
- rx_NewServiceHost(host, 0, RX_STATS_SERVICE_ID, "rpcstats", sc, 3,
- RXSTATS_ExecuteRequest);
+ rx_NewServiceHost(host, 0, RX_STATS_SERVICE_ID, "rpcstats",
+ securityClasses, numClasses, RXSTATS_ExecuteRequest);
if (tservice == (struct rx_service *)0) {
fprintf(stderr, "ptserver: Could not create new rx service.\n");
PT_EXIT(3);
/* allow super users to manage RX statistics */
rx_SetRxStatUserOk(pr_rxstat_userok);
+ LogCommandLine(argc, argv, "ptserver",
+#if defined(SUPERGROUPS)
+ "1.1",
+#else
+ "1.0",
+#endif
+ "Starting AFS", FSLog);
+
rx_StartServer(1);
osi_audit(PTS_FinishEvent, -1, AUD_END);
exit(0);
git://git.openafs.org / openafs.git / blobdiff