Don't pass tokens around the backup system

The backup system has a global ktc_token, which is used
to work out when its credentials are about to expire. This leads to
an unfortunate dependency throughout the code on the format of this
token.

Replace this with a global time_t which stores the expiry time, and
copy the required field from the token into this when we get the
token. This limits the exposure of the token, and simplifies the code.

Change-Id: Ia2929c2c0a4c1ba9ca5db881865f33af5a732d2f
Reviewed-on: http://gerrit.openafs.org/1218
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>

diff --git a/src/bucoord/bucoord_internal.h b/src/bucoord/bucoord_internal.h
index 4131b3f..8ee832d 100644 (file)
--- a/src/bucoord/bucoord_internal.h
+++ b/src/bucoord/bucoord_internal.h
@@ -119,6 +119,7 @@ struct cmd_parmdesc;
 extern afs_int32 bc_ParseExpiration(struct cmd_parmdesc *paramPtr,
                                    afs_int32 *expType, afs_int32 *expDate);
 /* main.c */
+extern time_t tokenExpires;
 extern afs_int32 doDispatch(afs_int32, char *[], afs_int32);
 extern void bc_HandleMisc(afs_int32 code);
 

diff --git a/src/bucoord/bucoord_prototypes.h b/src/bucoord/bucoord_prototypes.h
index 52d3ccf..45a6896 100644 (file)
--- a/src/bucoord/bucoord_prototypes.h
+++ b/src/bucoord/bucoord_prototypes.h
@@ -57,7 +57,6 @@ extern afs_int32 bcdb_AddVolumes(register struct budb_volumeEntry *,
 extern afs_int32 udbClientInit(int noAuthFlag, int localauth, char *cellName);
 struct ktc_token;
 extern int vldbClientInit(int noAuthFlag, int localauth, char *cellName,
-                          struct ubik_client **cstruct,
-                          struct ktc_token *ttoken);
+                          struct ubik_client **cstruct, time_t *expires);
 #endif
 

diff --git a/src/bucoord/commands.c b/src/bucoord/commands.c
index 32d83fa..d19803f 100644 (file)
--- a/src/bucoord/commands.c
+++ b/src/bucoord/commands.c
@@ -54,7 +54,6 @@ extern struct bc_config *bc_globalConfig;
 extern struct bc_dumpTask bc_dumpTasks[BC_MAXSIMDUMPS];
 extern struct ubik_client *cstruct;
 extern char *whoami;
-extern struct ktc_token ttoken;
 
 char *loadFile;
 extern afs_int32 lastTaskCode;
@@ -637,33 +636,39 @@ EvalVolumeSet1(struct bc_config *aconfig,
     return (0);
 }                              /*EvalVolumeSet1 */
 
-/* compactDateString
- *     print out a date in compact format, 16 chars, format is
- *     mm/dd/yyyy hh:mm
- * entry:
- *     date_long - ptr to a long containing the time
- * exit:
- *     ptr to a string containing a representation of the date
- */
 char *
-compactDateString(afs_uint32 *date_long, char *string, afs_int32 size)
+compactTimeString(time_t *date, char *string, afs_int32 size)
 {
     struct tm *ltime;
 
     if (!string)
-       return 0;
+       return NULL;
 
-    if (*date_long == NEVERDATE) {
+    if (*date == NEVERDATE) {
        sprintf(string, "NEVER");
     } else {
-        time_t t = *date_long;
-       ltime = localtime(&t);
-       /* prints date in U.S. format of mm/dd/yyyy */
+       ltime = localtime(date);
        strftime(string, size, "%m/%d/%Y %H:%M", ltime);
     }
     return (string);
 }
 
+/* compactDateString
+ *     print out a date in compact format, 16 chars, format is
+ *     mm/dd/yyyy hh:mm
+ * entry:
+ *     date_long - ptr to a long containing the time
+ * exit:
+ *     ptr to a string containing a representation of the date
+ */
+char *
+compactDateString(afs_uint32 *date_long, char *string, afs_int32 size)
+{
+    time_t t = *date_long;
+    return compactTimeString(&t, string, size);
+}
+
+
 afs_int32
 bc_SafeATOI(char *anum)
 {
@@ -1018,11 +1023,11 @@ bc_JobsCmd(struct cmd_syndesc *as, void *arock)
        }
 
        /* Print token expiration time */
-       if ((ttoken.endTime > prevTime)
-           && (ttoken.endTime <= youngest->scheduledDump) && as
-           && (ttoken.endTime != NEVERDATE)) {
-           if (ttoken.endTime > time(0)) {
-               compactDateString(&ttoken.endTime, ds, 50);
+       if ((tokenExpires > prevTime)
+           && (tokenExpires <= youngest->scheduledDump) && as
+           && (tokenExpires != NEVERDATE)) {
+           if (tokenExpires > time(0)) {
+               compactTimeString(&tokenExpires, ds, 50);
                printf("       %16s: TOKEN EXPIRATION\n", ds);
            } else {
                printf("       TOKEN HAS EXPIRED\n");
@@ -1042,11 +1047,11 @@ bc_JobsCmd(struct cmd_syndesc *as, void *arock)
     }
 
     /* Print token expiration time if havn't already */
-    if ((ttoken.endTime == NEVERDATE) && as)
+    if ((tokenExpires == NEVERDATE) && as)
        printf("     : TOKEN NEVER EXPIRES\n");
-    else if ((ttoken.endTime > prevTime) && as) {
-       if (ttoken.endTime > time(0)) {
-           compactDateString(&ttoken.endTime, ds, 50);
+    else if ((tokenExpires > prevTime) && as) {
+       if (tokenExpires > time(0)) {
+           compactTimeString(&tokenExpires, ds, 50);
            printf("       %16s: TOKEN EXPIRATION\n", ds);
        } else {
            printf("     : TOKEN HAS EXPIRED\n");
@@ -1835,7 +1840,7 @@ bc_DumpCmd(struct cmd_syndesc *as, void *arock)
                strcat(statusPtr->cmdLine, " -n");
 
            printf("Add scheduled dump as job %d\n", statusPtr->jobNumber);
-           if ((atTime > ttoken.endTime) && (ttoken.endTime != NEVERDATE))
+           if ((atTime > tokenExpires) && (tokenExpires != NEVERDATE))
                afs_com_err(whoami, 0,
                        "Warning: job %d starts after expiration of AFS token",
                        statusPtr->jobNumber);
@@ -2424,7 +2429,7 @@ bc_deleteDumpCmd(struct cmd_syndesc *as, void *arock)
     afs_int32 rcode = 0;
     afs_int32 groupId = 0, havegroupid, sflags, noexecute;
     struct cmd_item *ti;
-    afs_uint32 fromTime = 0, toTime = 0, havetime = 0;
+    afs_int32 fromTime = 0, toTime = 0, havetime = 0;
     char *timeString;
     budb_dumpsList dumps, flags;
     int i;

diff --git a/src/bucoord/main.c b/src/bucoord/main.c
index 5d7adfd..7364d0b 100644 (file)
--- a/src/bucoord/main.c
+++ b/src/bucoord/main.c
@@ -63,7 +63,7 @@ char tcell[64];
 struct bc_config *bc_globalConfig;     /*Ptr to global BC configuration info */
 
 struct ubik_client *cstruct;   /* Ptr to Ubik client structure */
-struct ktc_token ttoken;       /* The token */
+time_t tokenExpires;           /* The token's expiration time */
 
 static const char *DefaultConfDir;     /*Default backup config directory */
 static int bcInit = 0;         /* backupInit called yet ? */
@@ -254,7 +254,7 @@ backupInit(void)
     rx_SetRxDeadTime(60);
 
     /* VLDB initialization */
-    code = vldbClientInit(0, localauth, tcell, &cstruct, &ttoken);
+    code = vldbClientInit(0, localauth, tcell, &cstruct, &tokenExpires);
     if (code)
        return (code);
 

diff --git a/src/bucoord/ubik_db_if.c b/src/bucoord/ubik_db_if.c
index 2dc31e1..f769d95 100644 (file)
--- a/src/bucoord/ubik_db_if.c
+++ b/src/bucoord/ubik_db_if.c
@@ -777,7 +777,7 @@ bc_CheckTextVersion(udbClientTextP ctPtr)
 int
 vldbClientInit(int noAuthFlag, int localauth, char *cellName, 
               struct ubik_client **cstruct, 
-              struct ktc_token *ttoken)
+              time_t *expires)
 {
     afs_int32 code = 0;
     struct afsconf_dir *acdir;
@@ -785,6 +785,7 @@ vldbClientInit(int noAuthFlag, int localauth, char *cellName,
     afs_int32 i, scIndex = 0;  /* Index of Rx security object - noauth */
     struct afsconf_cell info;
     struct ktc_principal sname;
+    struct ktc_token *ttoken = NULL;
     struct rx_connection *serverconns[VLDB_MAXSERVERS];
 
 
@@ -825,7 +826,7 @@ vldbClientInit(int noAuthFlag, int localauth, char *cellName,
     /*
      * Grab tickets if we care about authentication.
      */
-    ttoken->endTime = 0;
+    *expires = 0;
     if (localauth) {
        code = afsconf_GetLatestKey(acdir, 0, 0);
        if (code) {
@@ -838,7 +839,7 @@ vldbClientInit(int noAuthFlag, int localauth, char *cellName,
                ERROR(code);
            }
 
-           ttoken->endTime = NEVERDATE;
+           *expires = NEVERDATE;
        }
     } else {
        if (!noAuthFlag) {
@@ -856,7 +857,7 @@ vldbClientInit(int noAuthFlag, int localauth, char *cellName,
                    afs_com_err(whoami, 0,
                            "Funny kvno (%d) in ticket, proceeding",
                            ttoken->kvno);
-
+               *expires = ttoken->endTime;
                scIndex = 2;
            }
        }

diff --git a/src/butc/tcmain.c b/src/butc/tcmain.c
index 8846711..67d4088 100644 (file)
--- a/src/butc/tcmain.c
+++ b/src/butc/tcmain.c
@@ -841,7 +841,7 @@ WorkerBee(struct cmd_syndesc *as, void *arock)
     register afs_int32 code;
     struct rx_securityClass *(securityObjects[3]);
     struct rx_service *service;
-    struct ktc_token ttoken;
+    time_t tokenExpires;
     char cellName[64];
     int localauth;
     /*process arguments */
@@ -853,7 +853,6 @@ WorkerBee(struct cmd_syndesc *as, void *arock)
 #else
     PROCESS dbWatcherPid;
 #endif
-    time_t t;
     afs_uint32 host = htonl(INADDR_ANY);
 
     debugLevel = 0;
@@ -1065,7 +1064,7 @@ WorkerBee(struct cmd_syndesc *as, void *arock)
     rx_SetRxDeadTime(150);
 
     /* Establish connection with the vldb server */
-    code = vldbClientInit(0, localauth, cellName, &cstruct, &ttoken);
+    code = vldbClientInit(0, localauth, cellName, &cstruct, &tokenExpires);
     if (code) {
        TapeLog(0, 0, code, 0, "Can't access vldb\n");
        return code;
@@ -1148,8 +1147,7 @@ WorkerBee(struct cmd_syndesc *as, void *arock)
 
     TLog(0, "Starting Tape Coordinator: Port offset %u   Debug level %u\n",
         portOffset, debugLevel);
-    t = ttoken.endTime;
-    TLog(0, "Token expires: %s\n", cTIME(&t));
+    TLog(0, "Token expires: %s\n", cTIME(&tokenExpires));
 
     rx_StartServer(1);         /* Donate this process to the server process pool */
     TLog(0, "Error: StartServer returned");