X-Git-Url: http://git.openafs.org/?p=openafs.git;a=blobdiff_plain;f=src%2Fvlserver%2Fvlserver.c;h=cb67dcade0491b62347bf860417e396aba681f7c;hp=5e07b7afd550753deec3dc336715c2aa4d0baf6c;hb=e5b1e6f1;hpb=fc7e1700fe84f623fb9163466d24226df00b1a2c

diff --git a/src/vlserver/vlserver.c b/src/vlserver/vlserver.c
index 5e07b7a..cb67dca 100644
--- a/src/vlserver/vlserver.c
+++ b/src/vlserver/vlserver.c
@@ -158,7 +158,8 @@ enum optionsList {
     OPT_trace,
     OPT_dotted,
     OPT_restricted_query,
-    OPT_transarc_logs
+    OPT_transarc_logs,
+    OPT_s2s_crypt
 };
 
 int
@@ -180,6 +181,7 @@ main(int argc, char **argv)
     afs_uint32 host = ntohl(INADDR_ANY);
     struct cmd_syndesc *opts;
     struct logOptions logopts;
+    int s2s_rxgk = 0;
 
     char *vl_dbaseName;
     char *configDir;
@@ -187,6 +189,7 @@ main(int argc, char **argv)
     char *auditFileName = NULL;
     char *interface = NULL;
     char *optstring = NULL;
+    char *s2s_crypt_behavior = NULL;
 
     char *restricted_query_parameter = NULL;
 
@@ -280,6 +283,11 @@ main(int argc, char **argv)
 		        CMD_FLAG, CMD_OPTIONAL,
 		        "permit Kerberos 5 principals with dots");
 
+    /* rxgk options */
+    cmd_AddParmAtOffset(opts, OPT_s2s_crypt, "-s2scrypt", CMD_SINGLE,
+			CMD_OPTIONAL,
+			"rxgk-crypt | never");
+
     code = cmd_Parse(argc, argv, &opts);
     if (code == CMD_HELP) {
 	exit(0);
@@ -387,6 +395,20 @@ main(int argc, char **argv)
 	free(restricted_query_parameter);
     }
 
+    /* rxgk options */
+    if (cmd_OptionAsString(opts, OPT_s2s_crypt, &s2s_crypt_behavior) == 0) {
+	if (strcmp(s2s_crypt_behavior, "never") == 0) {
+	    /* noop; this is the default */
+	} else if (strcmp(s2s_crypt_behavior, "rxgk-crypt") == 0) {
+	    s2s_rxgk = 1;
+	} else {
+	    printf("Invalid argument for -s2scrypt: %s\n", s2s_crypt_behavior);
+	    return -1;
+	}
+	free(s2s_crypt_behavior);
+	s2s_crypt_behavior = NULL;
+    }
+
     if (auditFileName) {
 	osi_audit_file(auditFileName);
     }
@@ -487,7 +509,12 @@ main(int argc, char **argv)
     rx_SetRxDeadTime(50);
 
     ubik_nBuffers = 512;
-    ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, tdir);
+    if (s2s_rxgk) {
+	ubik_SetClientSecurityProcs(afsconf_ClientAuthRXGKCrypt,
+				    afsconf_UpToDate, tdir);
+    } else {
+	ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, tdir);
+    }
     ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects,
 				afsconf_CheckAuth, tdir);