ptuser/hpr: Don't check for a KeyFile

ptuser and viced's hpr were checking for a KeyFile before calling
ClientAuthSecure. If a KeyFile doesn't exist, then they would display
a warning message, and use an rxnull connection.

However, ClientAuthSecure will return a rxnull connection if it can't
find a KeyFile. So, simplify all of this to just use ClientAuthSecure,
which knows better than we do what keys are usable and which aren't.

Change-Id: I14b6170ec49e0ca85bc371d3bdfa04aecf39f150
Reviewed-on: http://gerrit.openafs.org/4100
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>

diff --git a/src/ptserver/ptuser.c b/src/ptserver/ptuser.c
index 5364407..0ac9049 100644 (file)
--- a/src/ptserver/ptuser.c
+++ b/src/ptserver/ptuser.c
@@ -294,16 +294,11 @@ pr_Initialize(IN afs_int32 secLevel, IN const char *confDir, IN char *cell)
      * to force use of the KeyFile.  secLevel == 0 implies -noauth was
      * specified. */
     if (secLevel == 2) {
-       code = afsconf_GetLatestKey(tdir, 0, 0);
-       if (code) {
-           afs_com_err(whoami, code, "(getting key from local KeyFile)\n");
-       } else {
-           /* If secLevel is two assume we're on a file server and use
-            * ClientAuthSecure if possible. */
-           code = afsconf_ClientAuthSecure(tdir, &sc, &scIndex);
-           if (code)
-               afs_com_err(whoami, code, "(calling client secure)\n");
-        }
+       /* If secLevel is two assume we're on a file server and use
+        * ClientAuthSecure if possible. */
+       code = afsconf_ClientAuthSecure(tdir, &sc, &scIndex);
+       if (code)
+           afs_com_err(whoami, code, "(calling client secure)\n");
     } else if (secLevel > 0) {
        secFlags = 0;
        if (secLevel > 1)

diff --git a/src/viced/host.c b/src/viced/host.c
index 8dd9865..fae7a9c 100644 (file)
--- a/src/viced/host.c
+++ b/src/viced/host.c
@@ -305,17 +305,17 @@ hpr_Initialize(struct ubik_client **uclient)
     /* Most callers use secLevel==1, however, the fileserver uses secLevel==2
      * to force use of the KeyFile.  secLevel == 0 implies -noauth was
      * specified. */
-    if ((afsconf_GetLatestKey(tdir, 0, 0) == 0)) {
-        code = afsconf_ClientAuthSecure(tdir, &sc, &scIndex);
-        if (code)
-           ViceLog(0, ("hpr_Initialize: clientauthsecure returns %d %s (so trying noauth)", code, afs_error_message(code)));
-        if (code)
-            scIndex = RX_SECIDX_NULL;
-    }
-    if ((scIndex == RX_SECIDX_NULL) && (sc == NULL))
-        sc = rxnull_NewClientSecurityObject();
+    code = afsconf_ClientAuthSecure(tdir, &sc, &scIndex);
+    if (code) {
+       ViceLog(0, ("hpr_Initialize: clientauthsecure returns %d %s "
+                   "(so trying noauth)", code, afs_error_message(code)));
+       scIndex = RX_SECIDX_NULL;
+       sc = rxnull_NewClientSecurityObject();
+    }
+
     if (scIndex == RX_SECIDX_NULL)
-       ViceLog(0, ("hpr_Initialize: Could not get afs tokens, running unauthenticated. [%d]", code));
+       ViceLog(0, ("hpr_Initialize: Could not get afs tokens, "
+                   "running unauthenticated. [%d]", code));
 
     memset(serverconns, 0, sizeof(serverconns));        /* terminate list!!! */
     for (i = 0; i < info.numServers; i++) {