keyring-pag-avoid-shadowing-20070208

[openafs.git] / src / afs / afs_osi_pag.c

diff --git a/src/afs/afs_osi_pag.c b/src/afs/afs_osi_pag.c
index 53b4739..9ebbdd1 100644 (file)
--- a/src/afs/afs_osi_pag.c
+++ b/src/afs/afs_osi_pag.c
@@ -44,6 +44,11 @@ afs_uint32 pagCounter = 1;
 afs_uint32 pagCounter = 0;
 #endif /* UKERNEL && AFS_WEB_ENHANCEMENTS */
 
+#ifdef AFS_LINUX26_ONEGROUP_ENV
+#define NUMPAGGROUPS 1
+#else
+#define NUMPAGGROUPS 2
+#endif
 /* Local variables */
 
 /*
@@ -363,18 +368,27 @@ afs_setpag_val(int pagval)
     return (code);
 }
 
+#ifndef AFS_LINUX26_ONEGROUP_ENV
 int
 afs_getpag_val()
 {
     int pagvalue;
     struct AFS_UCRED *credp = u.u_cred;
-    int gidset0, gidset1;
+    gid_t gidset0, gidset1;
+#ifdef AFS_SUN510_ENV
+    const gid_t *gids;
 
+    gids = crgetgroups(*credp);
+    gidset0 = gids[0];
+    gidset1 = gids[1];
+#else
     gidset0 = credp->cr_groups[0];
     gidset1 = credp->cr_groups[1];
+#endif
     pagvalue = afs_get_pag_from_groups(gidset0, gidset1);
     return pagvalue;
 }
+#endif
 #endif /* UKERNEL && AFS_WEB_ENHANCEMENTS */
 
 
@@ -415,9 +429,11 @@ afs_InitReq(register struct vrequest *av, struct AFS_UCRED *acred)
        return EIO;
 
 #ifdef AFS_LINUX26_ENV
+#if !defined(AFS_NONFSTRANS)
     if (osi_linux_nfs_initreq(av, acred, &code))
        return code;
 #endif
+#endif
 
     av->uid = PagInCred(acred);
     if (av->uid == NOPAG) {
@@ -431,6 +447,8 @@ afs_InitReq(register struct vrequest *av, struct AFS_UCRED *acred)
            av->uid = -2;       /* XXX nobody... ? */
        else
            av->uid = acred->cr_uid;    /* bsd creds don't have ruid */
+#elif defined(AFS_SUN510_ENV)
+        av->uid = crgetruid(acred);
 #else
        av->uid = acred->cr_ruid;       /* default when no pag is set */
 #endif
@@ -440,7 +458,22 @@ afs_InitReq(register struct vrequest *av, struct AFS_UCRED *acred)
 }
 
 
+#ifdef AFS_LINUX26_ONEGROUP_ENV
+afs_uint32
+afs_get_pag_from_groups(struct group_info *group_info)
+{
+    afs_uint32 g0 = 0;
+    afs_uint32 i;
 
+    AFS_STATCNT(afs_get_pag_from_groups);
+    for (i = 0; (i < group_info->ngroups && 
+                (g0 = GROUP_AT(group_info, i)) != (gid_t) NOGROUP); i++) {
+       if (((g0 >> 24) & 0xff) == 'A')
+           return g0;
+    }
+    return NOPAG;
+}
+#else
 afs_uint32
 afs_get_pag_from_groups(gid_t g0a, gid_t g1a)
 {
@@ -449,6 +482,7 @@ afs_get_pag_from_groups(gid_t g0a, gid_t g1a)
     afs_uint32 h, l, ret;
 
     AFS_STATCNT(afs_get_pag_from_groups);
+
     g0 -= 0x3f00;
     g1 -= 0x3f00;
     if (g0 < 0xc000 && g1 < 0xc000) {
@@ -462,13 +496,11 @@ afs_get_pag_from_groups(gid_t g0a, gid_t g1a)
        /* Additional testing */
        if (((ret >> 24) & 0xff) == 'A')
            return ret;
-       else
-           return NOPAG;
 #endif /* UKERNEL && AFS_WEB_ENHANCEMENTS */
     }
     return NOPAG;
 }
-
+#endif
 
 void
 afs_get_groups_from_pag(afs_uint32 pag, gid_t * g0p, gid_t * g1p)
@@ -477,6 +509,10 @@ afs_get_groups_from_pag(afs_uint32 pag, gid_t * g0p, gid_t * g1p)
 
 
     AFS_STATCNT(afs_get_groups_from_pag);
+#ifdef AFS_LINUX26_ONEGROUP_ENV
+    *g0p = pag;
+    *g1p = 0;
+#else
 #if !defined(UKERNEL) || !defined(AFS_WEB_ENHANCEMENTS)
     pag &= 0x7fffffff;
 #endif /* UKERNEL && AFS_WEB_ENHANCEMENTS */
@@ -486,6 +522,7 @@ afs_get_groups_from_pag(afs_uint32 pag, gid_t * g0p, gid_t * g1p)
     g1 |= ((pag >> 28) % 3) << 14;
     *g0p = g0 + 0x3f00;
     *g1p = g1 + 0x3f00;
+#endif
 }
 
 
@@ -494,11 +531,19 @@ PagInCred(const struct AFS_UCRED *cred)
 {
     afs_int32 pag;
     gid_t g0, g1;
+#if defined(AFS_SUN510_ENV)
+    const gid_t *gids;
+    int ngroups;
+#endif
 
     AFS_STATCNT(PagInCred);
-    if (cred == NULL) {
+    if (cred == NULL || cred == afs_osi_credp) {
        return NOPAG;
     }
+#if defined(AFS_SUN510_ENV)
+    gids = crgetgroups(cred);
+    ngroups = crgetngroups(cred);
+#endif
 #if defined(AFS_DARWIN_ENV) || defined(AFS_XBSD_ENV)
     if (cred == NOCRED || cred == FSCRED) {
        return NOPAG;
@@ -518,23 +563,58 @@ PagInCred(const struct AFS_UCRED *cred)
        return NOPAG;
     }
 #elif defined(AFS_LINUX26_ENV)
-    if (cred->cr_group_info->ngroups < 2)
-       return NOPAG;
+    if (cred->cr_group_info->ngroups < NUMPAGGROUPS) {
+       pag = NOPAG;
+       goto out;
+    }
 #elif defined(AFS_SGI_ENV) || defined(AFS_SUN5_ENV) || defined(AFS_DUX40_ENV) || defined(AFS_LINUX20_ENV) || defined(AFS_XBSD_ENV)
-    if (cred->cr_ngroups < 2)
-       return NOPAG;
+#if defined(AFS_SUN510_ENV)
+    if (ngroups < 2) {
+#else
+    if (cred->cr_ngroups < 2) {
+#endif
+       pag = NOPAG;
+       goto out;
+    }
 #endif
 #if defined(AFS_AIX51_ENV)
     g0 = cred->cr_groupset.gs_union.un_groups[0];
     g1 = cred->cr_groupset.gs_union.un_groups[1];
+#elif defined(AFS_LINUX26_ONEGROUP_ENV)
 #elif defined(AFS_LINUX26_ENV)
     g0 = GROUP_AT(cred->cr_group_info, 0);
     g1 = GROUP_AT(cred->cr_group_info, 1);
+#elif defined(AFS_SUN510_ENV)
+    g0 = gids[0];
+    g1 = gids[1];
 #else
     g0 = cred->cr_groups[0];
     g1 = cred->cr_groups[1];
 #endif
 #endif
+#if defined(AFS_LINUX26_ONEGROUP_ENV)
+    pag = (afs_int32) afs_get_pag_from_groups(cred->cr_group_info);
+#else
     pag = (afs_int32) afs_get_pag_from_groups(g0, g1);
+#endif
+out:
+#if defined(AFS_LINUX26_ENV) && defined(LINUX_KEYRING_SUPPORT)
+    if (pag == NOPAG) {
+       struct key *key;
+       afs_uint32 upag, newpag;
+
+       key = request_key(&key_type_afs_pag, "_pag", NULL);
+       if (!IS_ERR(key)) {
+           if (key_validate(key) == 0 && key->uid == 0) {      /* also verify in the session keyring? */
+               upag = (afs_uint32) key->payload.value;
+               if (((upag >> 24) & 0xff) == 'A') {
+                   __setpag(&cred, upag, &newpag, 0);
+                   pag = (afs_int32) upag;
+               }
+           }
+           key_put(key);
+       } 
+    }
+#endif
     return pag;
 }