/*
* Copyright 2000, International Business Machines Corporation and others.
* All Rights Reserved.
- *
+ *
* This software has been released under the terms of the IBM Public
* License. For details, see the LICENSE file in the top-level source
* directory or online at http://www.openafs.org/dl/license10.html
/* Exported variables */
afs_uint32 pag_epoch;
-#if defined(UKERNEL) && defined(AFS_WEB_ENHANCEMENTS)
+#if defined(UKERNEL)
afs_uint32 pagCounter = 1;
#else
afs_uint32 pagCounter = 0;
-#endif /* UKERNEL && AFS_WEB_ENHANCEMENTS */
+#endif /* UKERNEL */
#ifdef AFS_LINUX26_ONEGROUP_ENV
#define NUMPAGGROUPS 1
* anyway, so the pag is an alternative handle which is somewhat more
* secure (although of course not absolutely secure).
*/
-#if !defined(UKERNEL) || !defined(AFS_WEB_ENHANCEMENTS)
+#if !defined(UKERNEL)
afs_uint32
genpag(void)
{
return (pagCounter);
#endif
}
-#endif /* UKERNEL && AFS_WEB_ENHANCEMENTS */
+#endif /* UKERNEL */
/* used to require 10 seconds between each setpag to guarantee that
* PAGs never wrap - which would be a security hole. If we presume
afs_setpag(afs_ucred_t **credpp)
#elif defined(AFS_FBSD_ENV)
afs_setpag(struct thread *td, void *args)
+#elif defined(AFS_NBSD_ENV)
+afs_setpag(afs_proc_t *p, const void *args, register_t *retval)
#elif defined(AFS_DARWIN_ENV) || defined(AFS_XBSD_ENV)
afs_setpag(afs_proc_t *p, void *args, int *retval)
#else
code = AddPag(genpag(), credpp);
#elif defined(AFS_FBSD_ENV)
code = AddPag(td, genpag(), &td->td_ucred);
+#elif defined(AFS_NBSD40_ENV)
+ code = AddPag(p, genpag(), &p->l_proc->p_cred);
#elif defined(AFS_XBSD_ENV)
code = AddPag(p, genpag(), &p->p_rcred);
#elif defined(AFS_AIX41_ENV)
return (code);
}
-#if defined(UKERNEL) && defined(AFS_WEB_ENHANCEMENTS)
+#if defined(UKERNEL)
/*
* afs_setpag_val
* This function is like setpag but sets the current thread's pag id to a
return pagvalue;
}
#endif
-#endif /* UKERNEL && AFS_WEB_ENHANCEMENTS */
+#endif /* UKERNEL */
/* Note - needs to be available on AIX, others can be static - rework this */
int
-afs_InitReq(register struct vrequest *av, afs_ucred_t *acred)
+afs_InitReq(struct vrequest *av, afs_ucred_t *acred)
{
#if defined(AFS_LINUX26_ENV) && !defined(AFS_NONFSTRANS)
int code;
#elif defined(AFS_SUN510_ENV)
av->uid = crgetruid(acred);
#else
- av->uid = afs_cr_uid(acred); /* default when no pag is set */
+ av->uid = afs_cr_ruid(acred); /* default when no pag is set */
#endif
}
return 0;
}
+/*!
+ * Allocate and setup a vrequest.
+ *
+ * \note The caller must free the allocated vrequest with
+ * afs_DestroyReq() if this function returns successfully (zero).
+ *
+ * \note The GLOCK must be held on platforms which require the GLOCK
+ * for osi_AllocSmallSpace() and osi_FreeSmallSpace().
+ *
+ * \param[out] avpp address of the vrequest pointer
+ * \param[in] acred user credentials to setup the vrequest
+ * afs_osi_credp should be used for anonymous connections
+ * \return 0 on success
+ */
+int
+afs_CreateReq(struct vrequest **avpp, afs_ucred_t *acred)
+{
+ int code;
+ struct vrequest *treq = NULL;
+
+ if (afs_shuttingdown) {
+ return EIO;
+ }
+ if (!avpp || !acred) {
+ return EINVAL;
+ }
+ treq = osi_AllocSmallSpace(sizeof(struct vrequest));
+ if (!treq) {
+ return ENOMEM;
+ }
+ code = afs_InitReq(treq, acred);
+ if (code != 0) {
+ osi_FreeSmallSpace(treq);
+ return code;
+ }
+ *avpp = treq;
+ return 0;
+}
+
+/*!
+ * Deallocate a vrequest.
+ *
+ * \note The GLOCK must be held on platforms which require the GLOCK
+ * for osi_FreeSmallSpace().
+ *
+ * \param[in] av pointer to the vrequest to free; may be NULL
+ */
+void
+afs_DestroyReq(struct vrequest *av)
+{
+ if (av) {
+ osi_FreeSmallSpace(av);
+ }
+}
+
#ifndef AFS_LINUX26_ONEGROUP_ENV
afs_uint32
afs_get_pag_from_groups(gid_t g0a, gid_t g1a)
h = (g0 >> 14);
h = (g1 >> 14) + h + h + h;
ret = ((h << 28) | l);
-# if defined(UKERNEL) && defined(AFS_WEB_ENHANCEMENTS)
+# if defined(UKERNEL)
return ret;
# else
/* Additional testing */
if (((ret >> 24) & 0xff) == 'A')
return ret;
-# endif /* UKERNEL && AFS_WEB_ENHANCEMENTS */
+# endif /* UKERNEL */
}
return NOPAG;
}
AFS_STATCNT(afs_get_groups_from_pag);
*g0p = pag;
*g1p = 0;
-# if !defined(UKERNEL) || !defined(AFS_WEB_ENHANCEMENTS)
+# if !defined(UKERNEL)
pag &= 0x7fffffff;
-# endif /* UKERNEL && AFS_WEB_ENHANCEMENTS */
+# endif /* UKERNEL */
g0 = 0x3fff & (pag >> 14);
g1 = 0x3fff & pag;
g0 |= ((pag >> 28) / 3) << 14;
}
#endif
-#ifndef AFS_LINUX26_ENV
+#if !defined(AFS_LINUX26_ENV) && !defined(AFS_DARWIN110_ENV)
static afs_int32
osi_get_group_pag(afs_ucred_t *cred)
{
gids = crgetgroups(cred);
ngroups = crgetngroups(cred);
#endif
-#if defined(AFS_DARWIN_ENV) || defined(AFS_XBSD_ENV)
+#if defined(AFS_NBSD40_ENV)
+ if (cred == NOCRED || cred == FSCRED)
+ return NOPAG;
+ if (osi_crngroups(cred) < 3)
+ return NOPAG;
+ g0 = osi_crgroupbyid(cred, 1);
+ g1 = osi_crgroupbyid(cred, 2);
+#elif defined(AFS_DARWIN_ENV) || defined(AFS_XBSD_ENV)
if (cred == NOCRED || cred == FSCRED)
return NOPAG;
if (cred->cr_ngroups < 3)
if (cred == NULL || cred == afs_osi_credp) {
return NOPAG;
}
+#ifndef AFS_DARWIN110_ENV
#if defined(AFS_LINUX26_ENV) && defined(LINUX_KEYRING_SUPPORT)
/*
* If linux keyrings are in use and we carry the session keyring in our credentials
* With keyrings but no kernel credentials, look at groups first and fall back
* to looking at the keyrings.
*/
-# if !defined(STRUCT_TASK_HAS_CRED)
+# if !defined(STRUCT_TASK_STRUCT_HAS_CRED)
pag = osi_get_group_pag(cred);
# endif
if (pag == NOPAG)
pag = osi_get_keyring_pag(cred);
+#elif defined(AFS_AIX51_ENV)
+ if (kcred_getpag(cred, PAG_AFS, &pag) < 0 || pag == 0)
+ pag = NOPAG;
#else
pag = osi_get_group_pag(cred);
#endif
+#endif
return pag;
}