From: Benjamin Kaduk Date: Mon, 14 Apr 2014 02:01:59 +0000 (-0400) Subject: Add rxgk client options to vl and pt utilities X-Git-Tag: openafs-devel-1_9_0~300 X-Git-Url: http://git.openafs.org/?p=openafs.git;a=commitdiff_plain;h=e5b1e6f1 Add rxgk client options to vl and pt utilities Add options to use rxgk for outgoing connections to vlserver, vos, ptserver, and pts. For vlserver and ptserver, name the new option -s2scrypt, similar to the existing volserver option -s2scrypt. For vlserver and ptserver, specify 'rxgk-crypt' to turn on rxgk crypt connections for our server-to-server ubik communication. For vos and pts, just name the new option '-rxgk', and allow the user to specify the rxgk level to use ('clear', 'auth', or 'crypt'). The pts code is currently somewhat ill-suited to changing what rx security class and security level we use, but do the best we can without refactoring the whole thing. Change-Id: Iefae46291330d2b5e05b2a2bbaec1b9150b3c892 Reviewed-on: https://gerrit.openafs.org/11105 Reviewed-by: Benjamin Kaduk Tested-by: Benjamin Kaduk
---
diff --git a/src/ptserver/pts.c b/src/ptserver/pts.c
index 0b7742d..aa1f415 100644
--- a/src/ptserver/pts.c
+++ b/src/ptserver/pts.c
@@ -25,6 +25,7 @@
 #include
 #include
 #include
+#include
 #include "ptclient.h"
 #include "ptuser.h"
@@ -167,6 +168,7 @@ GetGlobals(struct cmd_syndesc *as, void *arock)
     afs_int32 sec;
     int changed = 0;
     const char* confdir;
+    RXGK_Level rxgk_level = RXGK_LEVEL_BOGUS;
 
     whoami = as->a0name;
 
@@ -221,9 +223,26 @@ GetGlobals(struct cmd_syndesc *as, void *arock)
         confdir = as->parms[23].items->data;
     }
 
+    if (as->parms[24].items) { /* -rxgk */
+        char *rxgk_seclevel_str = as->parms[24].items->data;
+        changed = 1;
+
+        if (strcmp(rxgk_seclevel_str, "clear") == 0)
+            rxgk_level = RXGK_LEVEL_CLEAR;
+        else if (strcmp(rxgk_seclevel_str, "auth") == 0)
+            rxgk_level = RXGK_LEVEL_AUTH;
+        else if (strcmp(rxgk_seclevel_str, "crypt") == 0)
+            rxgk_level = RXGK_LEVEL_CRYPT;
+        else {
+            fprintf(stderr, "Invalid argument to -rxgk: %s\n", rxgk_seclevel_str);
+            return 1;
+        }
+
+    }
+
     if (changed) {
         CleanUp(as, arock);
-        code = pr_Initialize(sec, confdir, cell);
+        code = pr_Initialize2(sec, confdir, cell, rxgk_level);
     } else {
         code = 0;
     }
@@ -1091,6 +1110,7 @@ add_std_args(struct cmd_syndesc *ts)
     cmd_AddParm(ts, "-encrypt", CMD_FLAG, CMD_OPTIONAL, "encrypt commands");
     cmd_AddParm(ts, "-config", CMD_SINGLE, CMD_OPTIONAL, "config location");
+    cmd_AddParm(ts, "-rxgk", CMD_SINGLE, CMD_OPTIONAL, "rxgk security level to use");
 
     free(test_help);
 }
diff --git a/src/ptserver/ptserver.c b/src/ptserver/ptserver.c
index 34d9819..5789629 100644
--- a/src/ptserver/ptserver.c
+++ b/src/ptserver/ptserver.c
@@ -234,7 +234,8 @@ enum optionsList {
     OPT_rxbind,
     OPT_rxmaxmtu,
     OPT_dotted,
-    OPT_transarc_logs
+    OPT_transarc_logs,
+    OPT_s2s_crypt
 };
 
 int
@@ -253,6 +254,7 @@ main(int argc, char **argv)
     afs_uint32 host = htonl(INADDR_ANY);
     struct cmd_syndesc *opts;
     struct cmd_item *list;
+    int s2s_rxgk = 0;
 
     char *pr_dbaseName;
     char *configDir;
@@ -261,6 +263,7 @@ main(int argc, char **argv)
     char *auditFileName = NULL;
     char *interface = NULL;
+    char *s2s_crypt_behavior = NULL;
 
 #ifdef AFS_AIX32_ENV
     /*
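Review bot: The new `-rxgk` branch accepts any level regardless of how `sec` was set, and the incompatibility is only reported later by pr_Initialize2 as EINVAL ("Cannot use rxgk with non-localauth right now"), after CleanUp has already torn down the previous connection state. If -localauth is what makes `sec` equal 2 here (the ptuser.c message suggests so, but that assignment is outside this hunk), GetGlobals can refuse the combination after the level is parsed and before `if (changed)`: `if (rxgk_level != RXGK_LEVEL_BOGUS && sec != 2) { fprintf(stderr, "-rxgk currently requires -localauth\n"); return 1; }`. The message for a bad level would also be more useful if it named the accepted values, e.g. `"Invalid argument to -rxgk: %s (expected clear, auth, or crypt)\n"`. GetGlobals starts and ends outside this hunk.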
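Review bot: The help string `"rxgk security level to use"` does not tell the operator which values are accepted, unlike the `-s2scrypt` help text (`"rxgk-crypt | never"`) added to ptserver and vlserver in this same commit; the identical string is reused for vos in the src/volser/vos.c COMMONPARMS hunk. Suggest `"rxgk security level to use (clear | auth | crypt)"` in both places. For pts it is also worth stating the -localauth requirement that pr_Initialize2 enforces, since the help text is the only place a user can learn it before the command fails.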
@@ -364,6 +367,11 @@ main(int argc, char **argv)
                         CMD_FLAG, CMD_OPTIONAL,
                         "permit Kerberos 5 principals with dots");
 
+    /* rxgk options */
+    cmd_AddParmAtOffset(opts, OPT_s2s_crypt, "-s2scrypt", CMD_SINGLE,
+                        CMD_OPTIONAL,
+                        "rxgk-crypt | never");
+
     code = cmd_Parse(argc, argv, &opts);
     if (code == CMD_HELP) {
         PT_EXIT(0);
@@ -460,6 +468,20 @@ main(int argc, char **argv)
     /* rxkad options */
     cmd_OptionAsFlag(opts, OPT_dotted, &rxkadDisableDotCheck);
 
+    /* rxgk options */
+    if (cmd_OptionAsString(opts, OPT_s2s_crypt, &s2s_crypt_behavior) == 0) {
+        if (strcmp(s2s_crypt_behavior, "never") == 0) {
+            /* noop; this is the default */
+        } else if (strcmp(s2s_crypt_behavior, "rxgk-crypt") == 0) {
+            s2s_rxgk = 1;
+        } else {
+            fprintf(stderr, "Invalid argument for -s2scrypt: %s\n", s2s_crypt_behavior);
+            PT_EXIT(1);
+        }
+        free(s2s_crypt_behavior);
+        s2s_crypt_behavior = NULL;
+    }
+
     cmd_FreeOptions(&opts);
 
     if (auditFileName) {
@@ -513,7 +535,13 @@ main(int argc, char **argv)
     osi_audit_set_user_check(prdir, pr_IsLocalRealmMatch);
 
     /* initialize ubik */
-    ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, prdir);
+    if (s2s_rxgk) {
+        ubik_SetClientSecurityProcs(afsconf_ClientAuthRXGKCrypt,
+                                    afsconf_UpToDate, prdir);
+    } else {
+        ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate,
+                                    prdir);
+    }
     ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects,
                                 afsconf_CheckAuth, prdir);
 
diff --git a/src/ptserver/ptuser.c b/src/ptserver/ptuser.c
index f2b1341..6e99057 100644
--- a/src/ptserver/ptuser.c
+++ b/src/ptserver/ptuser.c
@@ -20,6 +20,7 @@
 #include
 #include
 #include
+#include
 #include "ptclient.h"
 #include "ptuser.h"
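Review bot: The `if (s2s_rxgk)` / `else` around ubik_SetClientSecurityProcs in the `@@ -513` hunk repeats the whole call just to vary its first argument, and the same shape is added to vlserver (its `@@ -487` hunk). A single call reads more clearly and cannot drift between the two arms: `ubik_SetClientSecurityProcs(s2s_rxgk ? afsconf_ClientAuthRXGKCrypt : afsconf_ClientAuth, afsconf_UpToDate, prdir);`. Only the client-side procs change here while the objects passed to ubik_SetServerSecurityProcs are untouched, so whether a peer dbserver that does not yet speak rxgk remains reachable once `-s2scrypt rxgk-crypt` is set depends on afsconf_ClientAuthRXGKCrypt, which I cannot see; a one-line comment above the `if` saying whether there is a fallback (or, as seems intended, none) would save the next reader that lookup. main starts and ends outside this hunk.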
@@ -174,6 +175,13 @@ CreateIdList(struct idhash *idhash, idlist * alist, afs_int32 select)
 afs_int32
 pr_Initialize(IN afs_int32 secLevel, IN const char *confDir, IN char *cell)
 {
+    return pr_Initialize2(secLevel, confDir, cell, RXGK_LEVEL_BOGUS);
+}
+
+afs_int32
+pr_Initialize2(IN afs_int32 secLevel, IN const char *confDir, IN char *cell,
+               int rxgk_level)
+{
     afs_int32 code;
     struct rx_connection *serverconns[MAXSERVERS];
     struct rx_securityClass *sc = NULL;
@@ -187,6 +195,7 @@ pr_Initialize(IN afs_int32 secLevel, IN const char *confDir, IN char *cell)
     char cellstr[64];
     afs_int32 gottdir = 0;
     afs_int32 refresh = 0;
+    int use_rxgk = 0;
 
     initialize_PT_error_table();
     initialize_RXK_error_table();
@@ -270,10 +279,31 @@ pr_Initialize(IN afs_int32 secLevel, IN const char *confDir, IN char *cell)
         return code;
     }
 
+    switch (rxgk_level) {
+    case RXGK_LEVEL_CLEAR:
+    case RXGK_LEVEL_AUTH:
+    case RXGK_LEVEL_CRYPT:
+        use_rxgk = 1;
+        if (secLevel != 2) {
+            fprintf(stderr, "libprot: Cannot use rxgk with non-localauth right now\n");
+            return EINVAL;
+        }
+    }
+
     /* Most callers use secLevel==1, however, the fileserver uses secLevel==2
      * to force use of the KeyFile. secLevel == 0 implies -noauth was
      * specified. */
-    if (secLevel == 2) {
+    if (use_rxgk) {
+        switch (rxgk_level) {
+        case RXGK_LEVEL_CLEAR: code = afsconf_ClientAuthRXGKClear(tdir, &sc, &scIndex);
+            break;
+        case RXGK_LEVEL_AUTH: code = afsconf_ClientAuthRXGKAuth(tdir, &sc, &scIndex);
+            break;
+        case RXGK_LEVEL_CRYPT: code = afsconf_ClientAuthRXGKCrypt(tdir, &sc, &scIndex);
+        }
+        if (code)
+            afs_com_err(whoami, code, "(calling client rxgk)");
+    } else if (secLevel == 2) {
         /* If secLevel is two assume we're on a file server and use
          * ClientAuthSecure if possible. */
         code = afsconf_ClientAuthSecure(tdir, &sc, &scIndex);
diff --git a/src/ptserver/ptuser.h b/src/ptserver/ptuser.h
index 6e1ebff..80d8915 100644
--- a/src/ptserver/ptuser.h
+++ b/src/ptserver/ptuser.h
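Review bot: pr_Initialize2 is added without any documentation of its new `rxgk_level` parameter: nothing here says that RXGK_LEVEL_BOGUS means "do not use rxgk" (which is exactly what the pr_Initialize wrapper relies on) or that the other levels currently require secLevel == 2, a rule enforced only further down the same function. Add a short block comment above `pr_Initialize2` giving the accepted values, the BOGUS/no-rxgk convention and the secLevel == 2 requirement, and mirror it on the prototype added to ptuser.h. The parameter is also declared `int` while the pts.c caller in this commit holds the value in an `RXGK_Level`; if that is an enum type, declaring the parameter as `RXGK_Level` would let -Wswitch report levels the switch below does not handle, at the cost of ptuser.h needing the rxgk header if it does not already include it. The body of pr_Initialize2 continues past this hunk.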
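Review bot: The outer `switch (rxgk_level)` in the `@@ -270` hunk lists only CLEAR, AUTH and CRYPT with no `default:`, so a caller passing any other value — not just RXGK_LEVEL_BOGUS — silently gets the rxkad path below instead of an error. Add `case RXGK_LEVEL_BOGUS: break;` followed by `default: afs_com_err(whoami, EINVAL, "(unknown rxgk level %d)", rxgk_level); return EINVAL;` so the intended non-rxgk case is explicit and garbage is rejected. The secLevel check reports via `fprintf(stderr, "libprot: ...")` while the rxgk failure a few lines later uses `afs_com_err(whoami, ...)`; using afs_com_err for both keeps libprot diagnostics on one channel. That `return EINVAL` is also an early exit ahead of whatever `tdir`/`gottdir` handling the function does later (outside the hunk), so it is worth confirming it matches the `return code` path just above it.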
@@ -15,6 +15,8 @@
 /* ptuser.c */
 extern afs_int32 pr_Initialize(afs_int32 secLevel, const char *confDir,
                                char *cell);
+extern afs_int32 pr_Initialize2(afs_int32 secLevel, const char *confDir,
+                                char *cell, int rxgk_level);
 extern int pr_End(void);
 extern int pr_CreateUser(prname name, afs_int32 *id) AFS_NONNULL();
 extern int pr_CreateGroup(prname name, prname owner,
diff --git a/src/vlserver/vlserver.c b/src/vlserver/vlserver.c
index 5e07b7a..cb67dca 100644
--- a/src/vlserver/vlserver.c
+++ b/src/vlserver/vlserver.c
@@ -158,7 +158,8 @@ enum optionsList {
     OPT_trace,
     OPT_dotted,
     OPT_restricted_query,
-    OPT_transarc_logs
+    OPT_transarc_logs,
+    OPT_s2s_crypt
 };
 
 int
@@ -180,6 +181,7 @@ main(int argc, char **argv)
     afs_uint32 host = ntohl(INADDR_ANY);
     struct cmd_syndesc *opts;
     struct logOptions logopts;
+    int s2s_rxgk = 0;
 
     char *vl_dbaseName;
     char *configDir;
@@ -187,6 +189,7 @@ main(int argc, char **argv)
     char *auditFileName = NULL;
     char *interface = NULL;
     char *optstring = NULL;
+    char *s2s_crypt_behavior = NULL;
 
     char *restricted_query_parameter = NULL;
 
@@ -280,6 +283,11 @@ main(int argc, char **argv)
                         CMD_FLAG, CMD_OPTIONAL,
                         "permit Kerberos 5 principals with dots");
 
+    /* rxgk options */
+    cmd_AddParmAtOffset(opts, OPT_s2s_crypt, "-s2scrypt", CMD_SINGLE,
+                        CMD_OPTIONAL,
+                        "rxgk-crypt | never");
+
     code = cmd_Parse(argc, argv, &opts);
     if (code == CMD_HELP) {
         exit(0);
@@ -387,6 +395,20 @@ main(int argc, char **argv)
         free(restricted_query_parameter);
     }
 
+    /* rxgk options */
+    if (cmd_OptionAsString(opts, OPT_s2s_crypt, &s2s_crypt_behavior) == 0) {
+        if (strcmp(s2s_crypt_behavior, "never") == 0) {
+            /* noop; this is the default */
+        } else if (strcmp(s2s_crypt_behavior, "rxgk-crypt") == 0) {
+            s2s_rxgk = 1;
+        } else {
+            printf("Invalid argument for -s2scrypt: %s\n", s2s_crypt_behavior);
+            return -1;
+        }
+        free(s2s_crypt_behavior);
+        s2s_crypt_behavior = NULL;
+    }
+
     if (auditFileName) {
         osi_audit_file(auditFileName);
     }
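Review bot: In the vlserver `@@ -387` hunk an invalid `-s2scrypt` value is reported with `printf` on stdout and `return -1` from main, which puts the diagnostic on the wrong stream and yields exit status 255; the equivalent ptserver hunk in this same commit writes to stderr and exits 1. Suggest `fprintf(stderr, "Invalid argument for -s2scrypt: %s\n", s2s_crypt_behavior);` and `return 1;`, or whatever vlserver's other option errors do — the restricted_query handling just above is outside the hunk, so I cannot tell which convention the file follows. main starts and ends outside this hunk.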
@@ -487,7 +509,12 @@ main(int argc, char **argv)
     rx_SetRxDeadTime(50);
     ubik_nBuffers = 512;
 
-    ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, tdir);
+    if (s2s_rxgk) {
+        ubik_SetClientSecurityProcs(afsconf_ClientAuthRXGKCrypt,
+                                    afsconf_UpToDate, tdir);
+    } else {
+        ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, tdir);
+    }
     ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects,
                                 afsconf_CheckAuth, tdir);
 
diff --git a/src/volser/vos.c b/src/volser/vos.c
index 6d4dbc6..986a8ed 100644
--- a/src/volser/vos.c
+++ b/src/volser/vos.c
@@ -80,6 +80,7 @@ enum {
     COMMONPARM_OFFSET_ENCRYPT = 29,
     COMMONPARM_OFFSET_NORESOLVE = 30,
     COMMONPARM_OFFSET_CONFIG = 31,
+    COMMONPARM_OFFSET_RXGK = 32,
 };
 
 #define COMMONPARMS \
@@ -98,6 +99,8 @@ cmd_AddParmAtOffset(ts, COMMONPARM_OFFSET_NORESOLVE, \
     "-noresolve", CMD_FLAG, CMD_OPTIONAL, "don't resolve addresses"); \
 cmd_AddParmAtOffset(ts, COMMONPARM_OFFSET_CONFIG, \
     "-config", CMD_SINGLE, CMD_OPTIONAL, "config location"); \
+cmd_AddParmAtOffset(ts, COMMONPARM_OFFSET_RXGK, \
+    "-rxgk", CMD_SINGLE, CMD_OPTIONAL, "rxgk security level to use"); \
 
 #define ERROR_EXIT(code) do { \
     error = (code); \
@@ -5930,6 +5933,7 @@ static int
 MyBeforeProc(struct cmd_syndesc *as, void *arock)
 {
     char *tcell;
+    char *rxgk_seclevel_str = NULL;
     afs_int32 code;
     int secFlags;
@@ -5960,6 +5964,23 @@ MyBeforeProc(struct cmd_syndesc *as, void *arock)
     if (as->parms[COMMONPARM_OFFSET_CONFIG].items) /* -config flag set */
         confdir = as->parms[COMMONPARM_OFFSET_CONFIG].items->data;
 
+    if (cmd_OptionAsString(as, COMMONPARM_OFFSET_RXGK, &rxgk_seclevel_str) == 0) {
+        if (strcmp(rxgk_seclevel_str, "clear") == 0)
+            secFlags |= AFSCONF_SECOPTS_ALWAYSCLEAR;
+        else if (strcmp(rxgk_seclevel_str, "auth") == 0)
+            secFlags |= AFSCONF_SECOPTS_NEVERENCRYPT;
+        else if (strcmp(rxgk_seclevel_str, "crypt") == 0) {
+            /* don't need to set any flags; this is the default for rxgk */
+        } else {
+            fprintf(STDERR, "Invalid argument to -rxgk: %s\n", rxgk_seclevel_str);
+            exit(1);
+        }
+        secFlags |= AFSCONF_SECOPTS_RXGK;
+
+        free(rxgk_seclevel_str);
+        rxgk_seclevel_str = NULL;
+    }
+
     if ((code = vsu_ClientInit(confdir, tcell, secFlags, UV_SetSecurity,
                                &cstruct))) {
         fprintf(STDERR, "could not initialize VLDB library (code=%lu) \n",
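Review bot: `-rxgk clear` and `-rxgk auth` OR AFSCONF_SECOPTS_ALWAYSCLEAR / AFSCONF_SECOPTS_NEVERENCRYPT into `secFlags` without looking at what is already there, so combining either with `-encrypt` (which presumably sets AFSCONF_SECOPTS_ALWAYSENCRYPT earlier in MyBeforeProc, outside this hunk) leaves contradictory flags set and lets the library pick one silently; since these two levels deliberately lower the protection on vos traffic, the conflict should be refused rather than resolved quietly. Before the final `secFlags |= AFSCONF_SECOPTS_RXGK;` add `if ((secFlags & AFSCONF_SECOPTS_ALWAYSENCRYPT) && strcmp(rxgk_seclevel_str, "crypt") != 0) {` / `fprintf(STDERR, "-rxgk %s cannot be combined with -encrypt\n", rxgk_seclevel_str); exit(1); }`. The `exit(1)` path also drops the string returned by cmd_OptionAsString, harmless at exit but different from pts.c, whose parser returns 1 instead of exiting. MyBeforeProc starts and ends outside this hunk.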