#include <afs/param.h>
#endif
-RCSID
- ("$Header$");
#if defined(UKERNEL)
#include "afs/sysincludes.h"
#include "afs/stds.h"
#include "rx/rx.h"
#include "rx/xdr.h"
-#include "rx/rxkad.h"
#include "afs/auth.h"
#include "afs/cellconfig.h"
#include "afs/afsutil.h"
#include "afs/ptclient.h"
#include "afs/ptuser.h"
#include "afs/pterror.h"
+#include "afs/com_err.h"
#else /* defined(UKERNEL) */
#include <afs/stds.h>
#include <ctype.h>
#include <netinet/in.h>
#endif
#include <stdio.h>
-#ifdef HAVE_STRING_H
#include <string.h>
-#else
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-#endif
#include <rx/rx.h>
#include <rx/xdr.h>
-#include <rx/rxkad.h>
#include <afs/auth.h>
#include <afs/cellconfig.h>
#include <afs/afsutil.h>
+#include <afs/com_err.h>
#include "ptclient.h"
#include "ptuser.h"
#include "pterror.h"
{
afs_int32 code;
struct rx_connection *serverconns[MAXSERVERS];
- struct rx_securityClass *sc[3];
- static struct afsconf_dir *tdir = (struct afsconf_dir *)0; /* only do this once */
+ struct rx_securityClass *sc;
+ static struct afsconf_dir *tdir = (struct afsconf_dir *)NULL; /* only do this once */
static char tconfDir[100] = "";
static char tcell[64] = "";
- struct ktc_token ttoken;
afs_int32 scIndex;
+ afs_int32 secFlags;
static struct afsconf_cell info;
afs_int32 i;
+#if !defined(UKERNEL)
char cellstr[64];
+#endif
afs_int32 gottdir = 0;
afs_int32 refresh = 0;
if (!tdir) {
if (confDir && strcmp(confDir, ""))
fprintf(stderr,
- "libprot: Could not open configuration directory: %s.\n",
- confDir);
+ "%s: Could not open configuration directory: %s.\n",
+ whoami, confDir);
else
fprintf(stderr,
- "libprot: No configuration directory specified.\n");
+ "%s: No configuration directory specified.\n",
+ whoami);
return -1;
}
gottdir = 1;
}
#endif /* defined(UKERNEL) */
- if (tdir == 0 || strcmp(confDir, tconfDir) || strcmp(cell, tcell)) {
+ if (tdir == NULL || strcmp(confDir, tconfDir) || strcmp(cell, tcell)) {
/*
* force re-evaluation. we either don't have an afsconf_dir,
* the directory has changed or the cell has changed.
*/
if (tdir && !gottdir) {
afsconf_Close(tdir);
- tdir = (struct afsconf_dir *)0;
+ tdir = (struct afsconf_dir *)NULL;
}
- pruclient = (struct ubik_client *)0;
+ pruclient = (struct ubik_client *)NULL;
refresh = 1;
}
* want, don't get a new one. Unless the security level is 2 in
* which case we will get one (and re-read the key file).
*/
- if (pruclient && (lastLevel == secLevel) && (secLevel != 2))
+ if (pruclient && (lastLevel == secLevel) && (secLevel != 2)) {
return 0;
+ }
code = rx_Init(0);
if (code) {
return code;
}
- scIndex = secLevel;
- sc[0] = 0;
- sc[1] = 0;
- sc[2] = 0;
/* Most callers use secLevel==1, however, the fileserver uses secLevel==2
* to force use of the KeyFile. secLevel == 0 implies -noauth was
* specified. */
- if ((secLevel == 2) && (afsconf_GetLatestKey(tdir, 0, 0) == 0)) {
- /* If secLevel is two assume we're on a file server and use
- * ClientAuthSecure if possible. */
- code = afsconf_ClientAuthSecure(tdir, &sc[2], &scIndex);
- if (code)
- fprintf(stderr,
- "libprot: clientauthsecure returns %d %s"
- " (so trying noauth)\n", code, error_message(code));
- if (code)
- scIndex = 0; /* use noauth */
- if (scIndex != 2)
- /* if there was a problem, an unauthenticated conn is returned */
- sc[scIndex] = sc[2];
+ if (secLevel == 2) {
+ code = afsconf_GetLatestKey(tdir, 0, 0);
+ if (code) {
+ afs_com_err(whoami, code, "(getting key from local KeyFile)\n");
+ } else {
+ /* If secLevel is two assume we're on a file server and use
+ * ClientAuthSecure if possible. */
+ code = afsconf_ClientAuthSecure(tdir, &sc, &scIndex);
+ if (code)
+ afs_com_err(whoami, code, "(calling client secure)\n");
+ }
} else if (secLevel > 0) {
- struct ktc_principal sname;
- strcpy(sname.cell, info.name);
- sname.instance[0] = 0;
- strcpy(sname.name, "afs");
- code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL);
- if (code)
- scIndex = 0;
- else {
- if (ttoken.kvno >= 0 && ttoken.kvno <= 256)
- /* this is a kerberos ticket, set scIndex accordingly */
- scIndex = 2;
- else {
- fprintf(stderr,
- "libprot: funny kvno (%d) in ticket, proceeding\n",
- ttoken.kvno);
- scIndex = 2;
- }
- sc[2] =
- rxkad_NewClientSecurityObject(rxkad_clear, &ttoken.sessionKey,
- ttoken.kvno, ttoken.ticketLen,
- ttoken.ticket);
+ secFlags = 0;
+ if (secLevel > 1)
+ secFlags |= AFSCONF_SECOPTS_ALWAYSENCRYPT;
+
+ code = afsconf_ClientAuthToken(&info, secFlags, &sc, &scIndex, NULL);
+ if (code) {
+ afs_com_err(whoami, code, "(getting token)");
+ if (secLevel > 1)
+ return code;
}
}
- if (scIndex == 1)
- return PRBADARG;
- if ((scIndex == 0) && (sc[0] == 0))
- sc[0] = rxnull_NewClientSecurityObject();
+
+ if (sc == NULL) {
+ sc = rxnull_NewClientSecurityObject();
+ scIndex = 0;
+ }
+
if ((scIndex == 0) && (secLevel != 0))
- com_err(whoami, code,
- "Could not get afs tokens, running unauthenticated.");
+ fprintf(stderr,
+ "%s: Could not get afs tokens, running unauthenticated\n",
+ whoami);
memset(serverconns, 0, sizeof(serverconns)); /* terminate list!!! */
for (i = 0; i < info.numServers; i++)
serverconns[i] =
rx_NewConnection(info.hostAddr[i].sin_addr.s_addr,
- info.hostAddr[i].sin_port, PRSRV, sc[scIndex],
+ info.hostAddr[i].sin_port, PRSRV, sc,
scIndex);
code = ubik_ClientInit(serverconns, &pruclient);
if (code) {
- com_err(whoami, code, "ubik client init failed.");
+ afs_com_err(whoami, code, "ubik client init failed.");
return code;
}
lastLevel = scIndex;
- code = rxs_Release(sc[scIndex]);
+ code = rxs_Release(sc);
return code;
}
int
-pr_End()
+pr_End(void)
{
int code = 0;
stolower(name);
if (*id) {
- code = ubik_Call(PR_INewEntry, pruclient, 0, name, *id, 0);
+ code = ubik_PR_INewEntry(pruclient, 0, name, *id, 0);
return code;
} else {
- code = ubik_Call(PR_NewEntry, pruclient, 0, name, 0, 0, id);
+ code = ubik_PR_NewEntry(pruclient, 0, name, 0, 0, id);
return code;
}
}
flags |= PRGRP;
if (*id) {
- code = ubik_Call(PR_INewEntry, pruclient, 0, name, *id, oid);
+ code = ubik_PR_INewEntry(pruclient, 0, name, *id, oid);
return code;
} else {
- code = ubik_Call(PR_NewEntry, pruclient, 0, name, flags, oid, id);
+ code = ubik_PR_NewEntry(pruclient, 0, name, flags, oid, id);
return code;
}
}
return code;
if (id == ANONYMOUSID)
return PRNOENT;
- code = ubik_Call(PR_Delete, pruclient, 0, id);
+ code = ubik_PR_Delete(pruclient, 0, id);
return code;
}
{
register afs_int32 code;
- code = ubik_Call(PR_Delete, pruclient, 0, id);
+ code = ubik_PR_Delete(pruclient, 0, id);
return code;
}
idlist lids;
lnames.namelist_len = 2;
- lnames.namelist_val = (prname *) malloc(2 * PR_MAXNAMELEN);
+ lnames.namelist_val = malloc(2 * PR_MAXNAMELEN);
strncpy(lnames.namelist_val[0], user, PR_MAXNAMELEN);
strncpy(lnames.namelist_val[1], group, PR_MAXNAMELEN);
lids.idlist_val = 0;
goto done;
}
code =
- ubik_Call(PR_AddToGroup, pruclient, 0, lids.idlist_val[0],
+ ubik_PR_AddToGroup(pruclient, 0, lids.idlist_val[0],
lids.idlist_val[1]);
done:
if (lnames.namelist_val)
free(lnames.namelist_val);
- if (lids.idlist_val)
- free(lids.idlist_val);
+
+ xdr_free((xdrproc_t) xdr_idlist, &lids);
return code;
}
idlist lids;
lnames.namelist_len = 2;
- lnames.namelist_val = (prname *) malloc(2 * PR_MAXNAMELEN);
+ lnames.namelist_val = malloc(2 * PR_MAXNAMELEN);
strncpy(lnames.namelist_val[0], user, PR_MAXNAMELEN);
strncpy(lnames.namelist_val[1], group, PR_MAXNAMELEN);
lids.idlist_val = 0;
goto done;
}
code =
- ubik_Call(PR_RemoveFromGroup, pruclient, 0, lids.idlist_val[0],
+ ubik_PR_RemoveFromGroup(pruclient, 0, lids.idlist_val[0],
lids.idlist_val[1]);
done:
if (lnames.namelist_val)
free(lnames.namelist_val);
- if (lids.idlist_val)
- free(lids.idlist_val);
- return code;
+ xdr_free((xdrproc_t) xdr_idlist, &lids);
+
+ return code;
}
int
for (i = 0; i < names->namelist_len; i++)
stolower(names->namelist_val[i]);
- code = ubik_Call(PR_NameToID, pruclient, 0, names, ids);
+ code = ubik_PR_NameToID(pruclient, 0, names, ids);
return code;
}
lids.idlist_len = 0;
lids.idlist_val = 0;
lnames.namelist_len = 1;
- lnames.namelist_val = (prname *) malloc(PR_MAXNAMELEN);
+ lnames.namelist_val = malloc(PR_MAXNAMELEN);
stolower(name);
strncpy(lnames.namelist_val[0], name, PR_MAXNAMELEN);
- code = ubik_Call(PR_NameToID, pruclient, 0, &lnames, &lids);
+ code = ubik_PR_NameToID(pruclient, 0, &lnames, &lids);
if (lids.idlist_val) {
*id = *lids.idlist_val;
- free(lids.idlist_val);
+ xdr_free((xdrproc_t) xdr_idlist, &lids);
}
if (lnames.namelist_val)
free(lnames.namelist_val);
{
register afs_int32 code;
- code = ubik_Call(PR_IDToName, pruclient, 0, ids, names);
+ code = ubik_PR_IDToName(pruclient, 0, ids, names);
return code;
}
register afs_int32 code;
lids.idlist_len = 1;
- lids.idlist_val = (afs_int32 *) malloc(sizeof(afs_int32));
+ lids.idlist_val = malloc(sizeof(afs_int32));
*lids.idlist_val = id;
lnames.namelist_len = 0;
lnames.namelist_val = 0;
- code = ubik_Call(PR_IDToName, pruclient, 0, &lids, &lnames);
- if (lnames.namelist_val) {
+ code = ubik_PR_IDToName(pruclient, 0, &lids, &lnames);
+
+ if (lnames.namelist_val)
strncpy(name, lnames.namelist_val[0], PR_MAXNAMELEN);
- free(lnames.namelist_val);
- }
+
if (lids.idlist_val)
free(lids.idlist_val);
+
+ xdr_free((xdrproc_t) xdr_namelist, &lnames);
+
return code;
}
afs_int32 over;
over = 0;
- code = ubik_Call(PR_GetCPS, pruclient, 0, id, CPS, &over);
+ code = ubik_PR_GetCPS(pruclient, 0, id, CPS, &over);
if (code != PRSUCCESS)
return code;
if (over) {
afs_int32 over;
over = 0;
- code = ubik_Call(PR_GetCPS2, pruclient, 0, id, host, CPS, &over);
+ code = ubik_PR_GetCPS2(pruclient, 0, id, host, CPS, &over);
if (code != PRSUCCESS)
return code;
if (over) {
afs_int32 over;
over = 0;
- code = ubik_Call(PR_GetHostCPS, pruclient, 0, host, CPS, &over);
+ code = ubik_PR_GetHostCPS(pruclient, 0, host, CPS, &over);
if (code != PRSUCCESS)
return code;
if (over) {
alist.prlist_len = 0;
alist.prlist_val = 0;
- code = ubik_Call(PR_ListOwned, pruclient, 0, oid, &alist, moreP);
+ code = ubik_PR_ListOwned(pruclient, 0, oid, &alist, moreP);
if (code)
return code;
if (*moreP == 1) {
oid);
*moreP = 0;
}
- lids = (idlist *) & alist;
+ lids = (idlist *) &alist;
code = pr_IdToName(lids, lnames);
+
+ xdr_free((xdrproc_t) xdr_prlist, &alist);
+
if (code)
return code;
- if (alist.prlist_val)
- free(alist.prlist_val);
+
return PRSUCCESS;
}
alist.prlist_len = 0;
alist.prlist_val = 0;
- code = ubik_Call(PR_ListElements, pruclient, 0, gid, &alist, &over);
+ code = ubik_PR_ListElements(pruclient, 0, gid, &alist, &over);
if (code)
return code;
if (over) {
fprintf(stderr, "membership list for id %d exceeds display limit\n",
gid);
}
- lids = (idlist *) & alist;
+ lids = (idlist *) &alist;
code = pr_IdToName(lids, lnames);
+
+ xdr_free((xdrproc_t) xdr_prlist, &alist);
+
if (code)
return code;
- if (alist.prlist_val)
- free(alist.prlist_val);
return PRSUCCESS;
}
{
register afs_int32 code;
- code = ubik_Call(PR_ListEntry, pruclient, 0, id, aentry);
+ code = ubik_PR_ListEntry(pruclient, 0, id, aentry);
return code;
}
bulkentries.prentries_len = 0;
code =
- ubik_Call(PR_ListEntries, pruclient, 0, flag, startindex,
+ ubik_PR_ListEntries(pruclient, 0, flag, startindex,
&bulkentries, nextstartindex);
*nentries = bulkentries.prentries_len;
*entries = bulkentries.prentries_val;
return code;
if (*id == ANONYMOUSID)
return PRNOENT;
- code = ubik_Call(PR_ListEntry, pruclient, 0, *id, &aentry);
+ code = ubik_PR_ListEntry(pruclient, 0, *id, &aentry);
if (code)
return code;
/* this should be done in one RPC, but I'm lazy. */
return code;
if (id == ANONYMOUSID)
return PRNOENT;
- code = ubik_Call(PR_ListEntry, pruclient, 0, id, &aentry);
+ code = ubik_PR_ListEntry(pruclient, 0, id, &aentry);
if (code)
return code;
/* this should be done in one RPC, but I'm lazy. */
if (oid == ANONYMOUSID)
return PRNOENT;
}
- code = ubik_Call(PR_ChangeEntry, pruclient, 0, id, newname, oid, newid);
+ if (newid)
+ code = ubik_PR_ChangeEntry(pruclient, 0, id, newname, oid, *newid);
+ else
+ code = ubik_PR_ChangeEntry(pruclient, 0, id, newname, oid, 0);
return code;
}
stolower(uname);
stolower(gname);
lnames.namelist_len = 2;
- lnames.namelist_val = (prname *) malloc(2 * PR_MAXNAMELEN);
+ lnames.namelist_val = malloc(2 * PR_MAXNAMELEN);
strncpy(lnames.namelist_val[0], uname, PR_MAXNAMELEN);
strncpy(lnames.namelist_val[1], gname, PR_MAXNAMELEN);
lids.idlist_val = 0;
if (code) {
if (lnames.namelist_val)
free(lnames.namelist_val);
- if (lids.idlist_val)
- free(lids.idlist_val);
+ xdr_free((xdrproc_t) xdr_idlist, &lids);
return code;
}
code =
- ubik_Call(PR_IsAMemberOf, pruclient, 0, lids.idlist_val[0],
+ ubik_PR_IsAMemberOf(pruclient, 0, lids.idlist_val[0],
lids.idlist_val[1], flag);
if (lnames.namelist_val)
free(lnames.namelist_val);
- if (lids.idlist_val)
- free(lids.idlist_val);
+ xdr_free((xdrproc_t) xdr_idlist, &lids);
return code;
}
{
register afs_int32 code;
afs_int32 gid;
- code = ubik_Call(PR_ListMax, pruclient, 0, mid, &gid);
+ code = ubik_PR_ListMax(pruclient, 0, mid, &gid);
return code;
}
{
register afs_int32 code;
afs_int32 flag = 0;
- code = ubik_Call(PR_SetMax, pruclient, 0, mid, flag);
+ code = ubik_PR_SetMax(pruclient, 0, mid, flag);
return code;
}
{
register afs_int32 code;
afs_int32 id;
- code = ubik_Call(PR_ListMax, pruclient, 0, &id, mid);
+ code = ubik_PR_ListMax(pruclient, 0, &id, mid);
return code;
}
afs_int32 flag = 0;
flag |= PRGRP;
- code = ubik_Call(PR_SetMax, pruclient, 0, mid, flag);
+ code = ubik_PR_SetMax(pruclient, 0, mid, flag);
return code;
}
register afs_int32 code;
code =
- ubik_Call(PR_SetFieldsEntry, pruclient, 0, id, mask, flags, ngroups,
+ ubik_PR_SetFieldsEntry(pruclient, 0, id, mask, flags, ngroups,
nusers, 0, 0);
return code;
}
-
-int
-stolower(char *s)
-{
- while (*s) {
- if (isupper(*s))
- *s = tolower(*s);
- s++;
- }
- return 0;
-}