git://git.openafs.org / openafs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch (parent: d6b4a69)
ptserver: Always set up Ubik security
authorSimon Wilkinson <sxw@your-file-system.com>
Tue, 1 Mar 2011 13:59:19 +0000 (13:59 +0000)
committerDerrick Brashear <shadow@dementia.org>
Wed, 2 Mar 2011 03:59:07 +0000 (19:59 -0800)
ptserver was checking for the existence of a suitable KeyFile before
setting up Ubik's security classes. This is uneccessary, because the
behaviour of the afsconf_* functions when a KeyFile doesn't exist
is the same as Ubik's default mechanisms.

So, simplify (and future proof) the code by removing the KeyFile check.

Change-Id: I03df04e99ca4c043c15fc5f5701f8438912a7633
Reviewed-on: http://gerrit.openafs.org/4099
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>

src/ptserver/ptserver.c patch | blob | history

diff --git a/src/ptserver/ptserver.c b/src/ptserver/ptserver.c
index c596d49..bd42d04 100644 (file)
--- a/src/ptserver/ptserver.c
+++ b/src/ptserver/ptserver.c
@@ -211,7 +211,6 @@ main(int argc, char **argv)
     struct rx_service *tservice;
     struct rx_securityClass **securityClasses;
     afs_int32 numClasses;
-    int kerberosKeys;          /* set if found some keys */
     int lwps = 3;
     char clones[MAXHOSTSPERCELL];
     afs_uint32 host = htonl(INADDR_ANY);
@@ -455,25 +454,14 @@ main(int argc, char **argv)
     }
     pr_realmName = info.name;
 
-    {
-       afs_int32 kvno;         /* see if there is a KeyFile here */
-       struct ktc_encryptionKey key;
-       code = afsconf_GetLatestKey(prdir, &kvno, &key);
-       kerberosKeys = (code == 0);
-       if (!kerberosKeys)
-           printf
-               ("ptserver: can't find any Kerberos keys, code = %d, ignoring\n",
-                code);
-    }
-    if (kerberosKeys) {
-       /* initialize ubik */
-       ubik_CRXSecurityProc = afsconf_ClientAuth;
-       ubik_CRXSecurityRock = prdir;
-       ubik_SRXSecurityProc = afsconf_ServerAuth;
-       ubik_SRXSecurityRock = prdir;
-       ubik_CheckRXSecurityProc = afsconf_CheckAuth;
-       ubik_CheckRXSecurityRock = prdir;
-    }
+    /* initialize ubik */
+    ubik_CRXSecurityProc = afsconf_ClientAuth;
+    ubik_CRXSecurityRock = prdir;
+    ubik_SRXSecurityProc = afsconf_ServerAuth;
+    ubik_SRXSecurityRock = prdir;
+    ubik_CheckRXSecurityProc = afsconf_CheckAuth;
+    ubik_CheckRXSecurityRock = prdir;
+
     /* The max needed is when deleting an entry.  A full CoEntry deletion
      * required removal from 39 entries.  Each of which may refers to the entry
      * being deleted in one of its CoEntries.  If a CoEntry is freed its
OpenAFS Master Repository