From: Simon Wilkinson Date: Sun, 23 Oct 2011 15:21:52 +0000 (+0100) Subject: Rework the ugen_* interface X-Git-Tag: openafs-stable-1_8_0pre1~2548 X-Git-Url: https://git.openafs.org/?p=openafs.git;a=commitdiff_plain;h=3720f6b646857cca523659519f6fd4441e41dc7a Rework the ugen_* interface Remodel the ugen_* ubik initialisation interface so that more complex sets of security flags can be passed through it. A number of new functions are provided, all of which take the AFSCONF_* security flags defined in libauth: *) ugen_ClientInitCell is used to initialise a ubik client structure when the caller already has afsconf_dir and afsconf_cell structures for the cell being contacted *) ugen_ClientInitServer is used to initialise a client which will contact a specific server within a given cell, rather than selecting one from the pool *) ugen_ClientInitFlags is used to initialise a client given a cellname, and a path to a configuration directory. It is closest to the legacy ugen_ClientInit function. All of the in tree callers are updated to use this new interface Change-Id: I6a438aa70d94114c8b6626fa1396b7580ab07c07 Reviewed-on: http://gerrit.openafs.org/7131 Tested-by: BuildBot Reviewed-by: Jeffrey Altman Reviewed-by: Derrick Brashear --- diff --git a/src/WINNT/afsd/fs.c b/src/WINNT/afsd/fs.c index be1e3c4..0214976 100644 --- a/src/WINNT/afsd/fs.c +++ b/src/WINNT/afsd/fs.c @@ -3091,14 +3091,19 @@ VLDBInit(int noAuthFlag, struct afsconf_cell *info) { afs_int32 code; char confDir[257]; + int secFlags; cm_GetConfigDir(confDir, sizeof(confDir)); - code = ugen_ClientInit(noAuthFlag, confDir, - info->name, 0, &uclient, - NULL, pn, rxkad_clear, - VLDB_MAXSERVERS, AFSCONF_VLDBSERVICE, 50, - 0, 0, USER_SERVICE_ID); + secFlags = AFSCONF_SECOPTS_FALLBACK_NULL; + + if (noAuthFlag) + secFlags |= AFSCONF_SECOPTS_NOAUTH; + + code = ugen_ClientInitFlags(confDir, info->name, secFlags, + &uclient, NULL, VLDB_MAXSERVERS, + AFSCONF_VLDBSERVICE, 50); + rxInitDone = 1; return code; }
diff --git a/src/bozo/bos.c b/src/bozo/bos.c index 5399ed9..874655a 100644 --- a/src/bozo/bos.c +++ b/src/bozo/bos.c @@ -1675,8 +1675,12 @@ SalvageCmd(struct cmd_syndesc *as, void *arock) confdir = (localauth ? AFSDIR_SERVER_ETC_DIRPATH : AFSDIR_CLIENT_ETC_DIRPATH); - code = vsu_ClientInit( /* noauth */ 1, confdir, tmpname, - /* server auth */ 0, &cstruct, (int (*)())0); + + code = vsu_ClientInit(confdir, tmpname, + AFSCONF_SECOPTS_FALLBACK_NULL | + AFSCONF_SECOPTS_NOAUTH, + NULL, &cstruct); + if (code == 0) { newID = vsu_GetVolumeID(as->parms[2].items->data, cstruct, &err); if (newID == 0) { diff --git a/src/ubik/ubik.p.h b/src/ubik/ubik.p.h index c1ac772..7a9f916 100644 --- a/src/ubik/ubik.p.h +++ b/src/ubik/ubik.p.h @@ -649,6 +649,24 @@ extern int ubik_ParseServerList(int argc, char **argv, afs_uint32 *ahost, /* \name uinit.c */ struct rx_securityClass; +struct afsconf_dir; +extern int ugen_ClientInitCell(struct afsconf_dir *dir, + struct afsconf_cell *info, + int secFlags, + struct ubik_client **uclientp, + int maxservers, const char *serviceid, + int deadtime); +extern int ugen_ClientInitServer(const char *confDir, char *cellName, + int secFlags, struct ubik_client **uclientp, + int maxservers, char *serviceid, + int deadtime, afs_uint32 server, + afs_uint32 port); +extern int ugen_ClientInitFlags(const char *confDir, char *cellName, + int secFlags, struct ubik_client **uclientp, + int (*secproc) (struct rx_securityClass *, + afs_int32), + int maxservers, char *serviceid, + int deadtime); extern afs_int32 ugen_ClientInit(int noAuthFlag, const char *confDir, char *cellName, afs_int32 sauth, struct ubik_client **uclientp, diff --git a/src/ubik/uinit.c b/src/ubik/uinit.c index e43ffc4..ca83acc 100644 --- a/src/ubik/uinit.c +++ b/src/ubik/uinit.c 
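Review bot: The three prototypes added to src/ubik/ubik.p.h carry no documentation of `secFlags`, and they disagree on constness: `ugen_ClientInitCell` takes `const char *serviceid` while `ugen_ClientInitServer` and `ugen_ClientInitFlags` take `char *serviceid` and `char *cellName`. A comment above the block such as `/* secFlags is a mask of AFSCONF_SECOPTS_* values; a NULL cellName selects the cell named by confDir */` would tell callers what to pass. `struct afsconf_dir;` is forward-declared here but `struct afsconf_cell` is not. If no earlier declaration is in scope in this header (not visible in the hunk), the `info` parameter of `ugen_ClientInitCell` gets prototype scope, so adding `struct afsconf_cell;` beside it is cheap insurance.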
@@ -29,95 +29,63 @@ #include #include -/*! - * \brief Get the appropriate type of ubik client structure out from the system. - */ -afs_int32 -ugen_ClientInit(int noAuthFlag, const char *confDir, char *cellName, afs_int32 sauth, - struct ubik_client **uclientp, - int (*secproc) (struct rx_securityClass *, afs_int32), - char *funcName, afs_int32 gen_rxkad_level, - afs_int32 maxservers, char *serviceid, afs_int32 deadtime, - afs_uint32 server, afs_uint32 port, afs_int32 usrvid) +static int +internal_client_init(struct afsconf_dir *dir, struct afsconf_cell *info, + int secFlags, struct ubik_client **uclientp, + int (*secproc) (struct rx_securityClass *, afs_int32), + int maxservers, const char *serviceid, int deadtime, + afs_uint32 server, afs_uint32 port, afs_int32 usrvid) { - afs_int32 code, secFlags, i; + int code, i; afs_int32 scIndex; - struct afsconf_cell info; - struct afsconf_dir *tdir; struct rx_securityClass *sc; /* This must change if VLDB_MAXSERVERS becomes larger than MAXSERVERS */ static struct rx_connection *serverconns[MAXSERVERS]; + const char *progname; + + progname = getprogname(); + if (progname == NULL) + progname = ""; code = rx_Init(0); if (code) { - fprintf(stderr, "%s: could not initialize rx.\n", funcName); + fprintf(stderr, "%s: could not initialize rx.\n", progname); return code; } rx_SetRxDeadTime(deadtime); - secFlags = AFSCONF_SECOPTS_FALLBACK_NULL; - if (sauth) { - secFlags |= AFSCONF_SECOPTS_LOCALAUTH; - confDir = AFSDIR_SERVER_ETC_DIRPATH; - } else { - if (confDir == NULL) - confDir = AFSDIR_CLIENT_ETC_DIRPATH; - } - - if (noAuthFlag) { - secFlags |= AFSCONF_SECOPTS_NOAUTH; - } - - tdir = afsconf_Open(confDir); - if (!tdir) { - fprintf(stderr, - "%s: Could not process files in configuration directory (%s).\n", - funcName, confDir); - return -1; - } - - if (sauth) - cellName = tdir->cellName; - - code = afsconf_GetCellInfo(tdir, cellName, serviceid, &info); - if (code) { - afsconf_Close(tdir); - fprintf(stderr, "%s: can't find cell %s's 
hosts in %s/%s\n", - funcName, cellName, confDir, AFSDIR_CELLSERVDB_FILE); - return -1; - } - code = afsconf_PickClientSecObj(tdir, secFlags, &info, cellName, &sc, + code = afsconf_PickClientSecObj(dir, secFlags, info, NULL, &sc, &scIndex, NULL); if (code) { - fprintf(stderr, "%s: can't create client security object", funcName); - return -1; + fprintf(stderr, "%s: can't create client security object", progname); + return code; } - if (scIndex == RX_SECIDX_NULL && !noAuthFlag) { + + if (scIndex == RX_SECIDX_NULL && !(secFlags & AFSCONF_SECOPTS_NOAUTH)) { fprintf(stderr, "%s: Could not get afs tokens, running unauthenticated.\n", - funcName); + progname); } - afsconf_Close(tdir); - if (secproc) /* tell UV module about default authentication */ (*secproc) (sc, scIndex); + if (server) { serverconns[0] = rx_NewConnection(server, port, usrvid, sc, scIndex); } else { - if (info.numServers > maxservers) { + if (info->numServers > maxservers) { fprintf(stderr, "%s: info.numServers=%d (> maxservers=%d)\n", - funcName, info.numServers, maxservers); + progname, info->numServers, maxservers); return -1; } - for (i = 0; i < info.numServers; i++) { - if (!info.hostAddr[i].sin_port && port) - info.hostAddr[i].sin_port = port; + for (i = 0; i < info->numServers; i++) { + if (!info->hostAddr[i].sin_port && port) + info->hostAddr[i].sin_port = port; serverconns[i] = - rx_NewConnection(info.hostAddr[i].sin_addr.s_addr, - info.hostAddr[i].sin_port, usrvid, + rx_NewConnection(info->hostAddr[i].sin_addr.s_addr, + info->hostAddr[i].sin_port, usrvid, sc, scIndex); } } 
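Review bot: The bound on `serverconns[]` is still the caller-supplied `maxservers` rather than the array's own size: the array is declared with `MAXSERVERS` entries, yet the loop writes `serverconns[i]` for every `i < info->numServers` whenever `info->numServers > maxservers` is false. Since `maxservers` is now a parameter of three public entry points, a caller passing a value above `MAXSERVERS` could write past the end of static storage, with the count coming from cell configuration. The guard should read `if (info->numServers > maxservers || info->numServers > MAXSERVERS)`. The array is also `static` and no terminating entry is written after the last connection, so a second call in the same process with fewer servers may leave stale connections in the tail. That matters if `ubik_ClientInit` scans to the first NULL, which is not visible here. The body of `internal_client_init` continues in the next hunk.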
@@ -125,12 +93,121 @@ ugen_ClientInit(int noAuthFlag, const char *confDir, char *cellName, afs_int32 s if (uclientp) { *uclientp = 0; code = ubik_ClientInit(serverconns, uclientp); - if (code) { - fprintf(stderr, "%s: ubik client init failed.\n", funcName); + if (code) + fprintf(stderr, "%s: ubik client init failed.\n", progname); return code; - } } + return 0; } +int +ugen_ClientInitCell(struct afsconf_dir *dir, struct afsconf_cell *info, + int secFlags, struct ubik_client **uclientp, + int maxservers, const char *serviceid, int deadtime) +{ + return internal_client_init(dir, info, secFlags, uclientp, NULL, + maxservers, serviceid, deadtime, 0, 0, + USER_SERVICE_ID); +} + +static int +internal_client_init_dir(const char *confDir, char *cellName, int secFlags, + struct ubik_client **uclientp, + int (*secproc) (struct rx_securityClass *, afs_int32), + afs_int32 maxservers, char *serviceid, afs_int32 deadtime, + afs_uint32 server, afs_uint32 port, afs_int32 usrvid) +{ + int code; + const char *progname; + struct afsconf_dir *dir; + struct afsconf_cell info; + + progname = getprogname(); + if (progname == NULL) + progname = ""; + + if (confDir == NULL) + confDir = AFSDIR_CLIENT_ETC_DIRPATH; + + dir = afsconf_Open(confDir); + if (!dir) { + fprintf(stderr, + "%s: Could not process files in configuration directory (%s).\n", + progname, confDir); + return EIO; + } + + if (cellName == NULL) + cellName = dir->cellName; + + code = afsconf_GetCellInfo(dir, cellName, serviceid, &info); + if (code) { + afsconf_Close(dir); + fprintf(stderr, "%s: can't find cell %s's hosts in %s/%s\n", + progname?progname:"", cellName, confDir, + AFSDIR_CELLSERVDB_FILE); + return code; + } + + code = internal_client_init(dir, &info, secFlags, uclientp, secproc, + maxservers, serviceid, deadtime, server, + port, usrvid); + + afsconf_Close(dir); + + return code; +} + +int +ugen_ClientInitServer(const char *confDir, char *cellName, int secFlags, + struct ubik_client **uclientp, int maxservers, + 
char *serviceid, int deadtime, afs_uint32 server, + afs_uint32 port) +{ + + return internal_client_init_dir(confDir, cellName, secFlags, uclientp, + NULL, maxservers, serviceid, deadtime, + server, port, USER_SERVICE_ID); +} + +int +ugen_ClientInitFlags(const char *confDir, char *cellName, int secFlags, + struct ubik_client **uclientp, + int (*secproc) (struct rx_securityClass *, afs_int32), + int maxservers, char *serviceid, int deadtime) +{ + return internal_client_init_dir(confDir, cellName, secFlags, uclientp, + secproc, maxservers, serviceid, deadtime, + 0, 0, USER_SERVICE_ID); +} + +/*! + * \brief Get the appropriate type of ubik client structure out from the system. + */ +afs_int32 +ugen_ClientInit(int noAuthFlag, const char *confDir, char *cellName, afs_int32 sauth, + struct ubik_client **uclientp, + int (*secproc) (struct rx_securityClass *, afs_int32), + char *funcName, afs_int32 gen_rxkad_level, + afs_int32 maxservers, char *serviceid, afs_int32 deadtime, + afs_uint32 server, afs_uint32 port, afs_int32 usrvid) +{ + int secFlags; + + secFlags = AFSCONF_SECOPTS_FALLBACK_NULL; + if (sauth) { + secFlags |= AFSCONF_SECOPTS_LOCALAUTH; + confDir = AFSDIR_SERVER_ETC_DIRPATH; + } + + secFlags |= AFSCONF_SECOPTS_ALWAYSENCRYPT; + + if (noAuthFlag) + secFlags |= AFSCONF_SECOPTS_NOAUTH; + + return internal_client_init_dir(confDir, cellName, secFlags, uclientp, + secproc, maxservers, serviceid, deadtime, + server, port, usrvid); +} diff --git a/src/venus/fs.c b/src/venus/fs.c index 86ee2b1..d17bc51 100644 --- a/src/venus/fs.c +++ b/src/venus/fs.c @@ -67,7 +67,6 @@ static int PruneList(struct AclEntry **, int); static int CleanAcl(struct Acl *, char *); static int SetVolCmd(struct cmd_syndesc *as, void *arock); static int GetCellName(char *, struct afsconf_cell *); -static int VLDBInit(int, struct afsconf_cell *); static void Die(int, char *); /* 
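Review bot: The legacy `ugen_ClientInit` wrapper at the end of this hunk no longer forces the local cell when `sauth` is set. The removed code did `cellName = tdir->cellName` under `if (sauth)`, whereas `internal_client_init_dir` substitutes `dir->cellName` only when `cellName == NULL`, so a caller passing both `sauth` and a cell name would apparently now build local-auth credentials for that named cell. Adding `cellName = NULL;` inside the wrapper's `if (sauth)` block keeps the old behaviour. The wrapper also ignores `funcName` and `gen_rxkad_level` and sets `AFSCONF_SECOPTS_ALWAYSENCRYPT` unconditionally, which deserves a line in its doc comment. Separately, at the top of the hunk the braces were dropped from `if (code)`, so the unchanged `return code;` line is now unconditional but still reads as if guarded; restore the braces or dedent it.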
@@ -1863,6 +1862,7 @@ MakeMountCmd(struct cmd_syndesc *as, void *arock) struct afsconf_cell info; struct vldbentry vldbEntry; struct ViceIoctl blob; + struct afsconf_dir *dir; /* @@ -1917,14 +1917,31 @@ defect #3069 &blob, 1); } - code = GetCellName(cellName ? cellName : space, &info); + dir = afsconf_Open(AFSDIR_CLIENT_ETC_DIRPATH); + if (!dir) { + fprintf(stderr, + "Could not process files in configuration directory (%s).\n", + AFSDIR_CLIENT_ETC_DIRPATH); + return 1; + } + + code = afsconf_GetCellInfo(dir, cellName ? cellName : space, + AFSCONF_VLDBSERVICE, &info); if (code) { + fprintf(stderr, + "%s: cell %s not in %s\n", pn, cellName ? cellName : space, + AFSDIR_CLIENT_CELLSERVDB_FILEPATH); return 1; } + if (!(as->parms[4].items)) { /* not fast, check which cell the mountpoint is being created in */ - /* not fast, check name with VLDB */ - code = VLDBInit(1, &info); + code = ugen_ClientInitCell(dir, &info, + AFSCONF_SECOPTS_FALLBACK_NULL | + AFSCONF_SECOPTS_NOAUTH, + &uclient, VLDB_MAXSERVERS, + AFSCONF_VLDBSERVICE, 50); + if (code == 0) { /* make the check. Don't complain if there are problems with init */ code = @@ -3036,21 +3053,6 @@ GetCellName(char *cellName, struct afsconf_cell *info) return 0; } - -static int -VLDBInit(int noAuthFlag, struct afsconf_cell *info) -{ - afs_int32 code; - - code = ugen_ClientInit(noAuthFlag, (char *) AFSDIR_CLIENT_ETC_DIRPATH, - info->name, 0, &uclient, - NULL, pn, rxkad_clear, - VLDB_MAXSERVERS, AFSCONF_VLDBSERVICE, 50, - 0, 0, USER_SERVICE_ID); - rxInitDone = 1; - return code; -} - static struct ViceIoctl gblob; static int debug = 0; /* diff --git a/src/vlserver/vlclient.c b/src/vlserver/vlclient.c index 1ba7338..7d55e7b 100644 --- a/src/vlserver/vlclient.c +++ b/src/vlserver/vlclient.c 
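Review bot: In the `@@ -1917,14 +1917,31 @@` hunk, `dir` is leaked on the new early return: when `afsconf_GetCellInfo` fails the function returns 1 without calling `afsconf_Close(dir)`. No close is visible after `ugen_ClientInitCell` either, although `MakeMountCmd` continues past the end of the hunk. Add `afsconf_Close(dir);` before that `return 1;`, and again once the VLDB check no longer needs the handle. The removed `VLDBInit` helper also set `rxInitDone = 1` after initialisation and the inlined call does not; if anything else in this file reads that flag (not visible here), it needs setting at this site too.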
@@ -134,12 +134,11 @@ GetVolume(int vol, struct vldbentry *entry) /* Almost identical's to pr_Initialize in vlserver/pruser.c */ afs_int32 -vl_Initialize(int auth, char *confDir, int server, char *cellp) +vl_Initialize(char *confDir, int secFlags, int server, char *cellp) { - return ugen_ClientInit(auth?0:1, confDir, cellp, 0, - &cstruct, NULL, "vl_Initialize", rxkad_clear, - MAXSERVERS, AFSCONF_VLDBSERVICE, 50, server, - htons(AFSCONF_VLDBPORT), USER_SERVICE_ID); + return ugen_ClientInitServer(confDir, cellp, secFlags, &cstruct, + MAXSERVERS, AFSCONF_VLDBSERVICE, 90, + server, htons(AFSCONF_VLDBPORT)); } /* return host address in network byte order */ @@ -174,14 +173,14 @@ handleit(struct cmd_syndesc *as, void *arock) char *cellp = 0; struct VldbUpdateEntry updateentry; struct VldbListByAttributes listbyattributes; - int noAuth = 1; /* Default is authenticated connections */ + int secFlags = AFSCONF_SECOPTS_FALLBACK_NULL; if ((ti = as->parms[0].items)) /* -cellpath */ strcpy(confdir, ti->data); if (as->parms[1].items) /* -server */ strcpy(confdir, AFSDIR_SERVER_ETC_DIRPATH); if (as->parms[2].items) /* -noauth */ - noAuth = 0; + secFlags |= AFSCONF_SECOPTS_NOAUTH; if ((ti = as->parms[3].items)) { /* -host */ server = GetServer(ti->data); if (server == 0) { @@ -190,7 +189,7 @@ handleit(struct cmd_syndesc *as, void *arock) } sawserver = 1; } - if (!sawserver && noAuth && (!(ti = as->parms[4].items))) { + if (sawserver && !as->parms[2].items && (!(ti = as->parms[4].items))) { printf ("Must also specify the -cell' option along with -host for authenticated conns\n"); exit(1); @@ -198,7 +197,7 @@ handleit(struct cmd_syndesc *as, void *arock) if ((ti = as->parms[4].items)) { /* -cell */ cellp = ti->data; } - if ((code = vl_Initialize(noAuth, confdir, server, cellp))) { + if ((code = vl_Initialize(confdir, secFlags, server, cellp))) { printf("Couldn't initialize vldb library (code=%d).\n", code); exit(1); } 
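Review bot: In `vl_Initialize` the dead time passed to `ugen_ClientInitServer` is 90 where the replaced `ugen_ClientInit` call passed 50, and neither the commit message nor a comment explains the change. If it is intentional, a comment such as `/* 90s dead time, same as vsu_ClientInit */` would record that; otherwise keep 50. `server` is declared `int` but is handed to an `afs_uint32` parameter, so declaring it `afs_uint32` in the new signature would avoid the implicit sign conversion.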
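Review bot: In the `@@ -190,7 +189,7 @@` hunk of `handleit` the guard flips from `!sawserver` to `sawserver`, a behaviour change the commit message does not mention. `-host` without `-cell` is now rejected for authenticated connections, while the previously rejected case (no `-host`, no `-cell`) is accepted. The new polarity matches the printed message, but it needs a comment such as `/* -host with authentication needs -cell to pick credentials */` so it is not read as a refactoring slip. The test would also be clearer as `!(secFlags & AFSCONF_SECOPTS_NOAUTH)` than as a second look at `as->parms[2].items`, since `secFlags` is now the single record of the -noauth choice.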
diff --git a/src/volser/volser.p.h b/src/volser/volser.p.h index 6f1f8a1..8d2b3ed 100644 --- a/src/volser/volser.p.h +++ b/src/volser/volser.p.h @@ -188,10 +188,9 @@ struct partList { /*used by the backup system */ struct ubik_client; extern afs_uint32 vsu_GetVolumeID(char *astring, struct ubik_client *acstruct, afs_int32 *errp); extern int vsu_ExtractName(char rname[], char name[]); -extern afs_int32 vsu_ClientInit(int noAuthFlag, const char *confDir, - char *cellName, afs_int32 sauth, - struct ubik_client **uclientp, - int (*secproc)(struct rx_securityClass *, afs_int32)); -extern void vsu_SetCrypt(int cryptflag); - +extern afs_int32 vsu_ClientInit(const char *confDir, char *cellName, + int secFlags, + int (*secproc)(struct rx_securityClass *, + afs_int32), + struct ubik_client **uclientp); #endif /* _VOLSER_ */ diff --git a/src/volser/vos.c b/src/volser/vos.c index a4459e5..4d145ab 100644 --- a/src/volser/vos.c +++ b/src/volser/vos.c 
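Review bot: The declaration of `vsu_ClientInit` keeps the `afs_int32` return type, while the definition in src/volser/vsutils.c (the `@@ -392,39 +391,19 @@` hunk of this commit) is changed to return `int`. The two should be spelled the same, for example `extern int vsu_ClientInit(const char *confDir, char *cellName,` here. The new parameter order also puts `secproc` before `uclientp`, the reverse of `ugen_ClientInitFlags`, which makes the two easy to confuse when reading call sites. A one-line comment naming `secFlags` as the AFSCONF_SECOPTS_* mask would help callers that previously passed `noAuthFlag` and `sauth`.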
@@ -5817,31 +5817,35 @@ MyBeforeProc(struct cmd_syndesc *as, void *arock) { char *tcell; afs_int32 code; - afs_int32 sauth; + int secFlags; /* Initialize the ubik_client connection */ rx_SetRxDeadTime(90); - cstruct = (struct ubik_client *)0; + cstruct = NULL; + secFlags = AFSCONF_SECOPTS_FALLBACK_NULL; - sauth = 0; tcell = NULL; if (as->parms[12].items) /* if -cell specified */ tcell = as->parms[12].items->data; + + if (as->parms[13].items) + secFlags |= AFSCONF_SECOPTS_NOAUTH; + if (as->parms[14].items) /* -serverauth specified */ - sauth = 1; + secFlags |= AFSCONF_SECOPTS_LOCALAUTH; + if (as->parms[16].items /* -encrypt specified */ #ifdef AFS_NT40_ENV || win32_enableCrypt() #endif /* AFS_NT40_ENV */ ) - vsu_SetCrypt(1); + secFlags |= AFSCONF_SECOPTS_ALWAYSENCRYPT; if (as->parms[18].items) /* -config flag set */ confdir = as->parms[18].items->data; - if ((code = - vsu_ClientInit((as->parms[13].items != 0), confdir, tcell, sauth, - &cstruct, UV_SetSecurity))) { + if ((code = vsu_ClientInit(confdir, tcell, secFlags, UV_SetSecurity, + &cstruct))) { fprintf(STDERR, "could not initialize VLDB library (code=%lu) \n", (unsigned long)code); exit(1); diff --git a/src/volser/vsutils.c b/src/volser/vsutils.c index 8db7499..51b2465 100644 --- a/src/volser/vsutils.c +++ b/src/volser/vsutils.c @@ -38,7 +38,6 @@ #include "vsutils_prototypes.h" struct ubik_client *cstruct; -static rxkad_level vsu_rxkad_level = rxkad_clear; static void ovlentry_to_nvlentry(struct vldbentry *oentryp, 
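Review bot: The `as->parms[14].items` (-serverauth) branch in `MyBeforeProc` now only sets `AFSCONF_SECOPTS_LOCALAUTH`, which drops a step the old path performed. The old `ugen_ClientInit` also switched the configuration directory to `AFSDIR_SERVER_ETC_DIRPATH` when `sauth` was set, and the `ugen_ClientInitFlags` path only defaults `confDir` when it is NULL. Unless `confdir` is pointed at the server directory elsewhere (its initial value is not visible in this hunk), local-auth runs would open the client configuration instead of the server one. Setting `confdir = AFSDIR_SERVER_ETC_DIRPATH;` in that branch, ahead of the `-config` override, restores the old behaviour. `AFSCONF_SECOPTS_NOAUTH` and `AFSCONF_SECOPTS_LOCALAUTH` can now both end up in `secFlags`, so a comment stating which takes precedence would help; `MyBeforeProc` continues outside the hunk.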
@@ -392,39 +391,19 @@ VLDB_IsSameAddrs(afs_uint32 serv1, afs_uint32 serv2, afs_int32 *errorp) return code; } - -/* - Set encryption. If 'cryptflag' is nonzero, encrpytion is turned on - for authenticated connections; if zero, encryption is turned off. - Calling this function always results in a level of at least rxkad_auth; - to get a rxkad_clear connection, simply don't call this. -*/ -void -vsu_SetCrypt(int cryptflag) -{ - if (cryptflag) { - vsu_rxkad_level = rxkad_crypt; - } else { - vsu_rxkad_level = rxkad_auth; - } -} - - /* Get the appropriate type of ubik client structure out from the system. */ -afs_int32 -vsu_ClientInit(int noAuthFlag, const char *confDir, char *cellName, afs_int32 sauth, - struct ubik_client **uclientp, - int (*secproc)(struct rx_securityClass *, afs_int32)) +int +vsu_ClientInit(const char *confDir, char *cellName, int secFlags, + int (*secproc)(struct rx_securityClass *, afs_int32), + struct ubik_client **uclientp) { - return ugen_ClientInit(noAuthFlag, confDir, cellName, sauth, uclientp, - secproc, "vsu_ClientInit", vsu_rxkad_level, - VLDB_MAXSERVERS, AFSCONF_VLDBSERVICE, 90, - 0, 0, USER_SERVICE_ID); + return ugen_ClientInitFlags(confDir, cellName, secFlags, uclientp, + secproc, VLDB_MAXSERVERS, AFSCONF_VLDBSERVICE, + 90); } - /*extract the name of volume without readonly or backup suffixes * and return the result as . */ diff --git a/src/volser/vsutils_prototypes.h b/src/volser/vsutils_prototypes.h index 042e91a..d0cddc6 100644 --- a/src/volser/vsutils_prototypes.h +++ b/src/volser/vsutils_prototypes.h 
@@ -10,9 +10,6 @@ extern int VLDB_ListAttributes(VldbListByAttributes *attrp, afs_int32 *entriesp, extern int VLDB_ListAttributesN2(VldbListByAttributes *attrp, char *name, afs_int32 thisindex, afs_int32 *nentriesp, nbulkentries *blkentriesp, afs_int32 *nextindexp); extern int VLDB_IsSameAddrs(afs_uint32 serv1, afs_uint32 serv2, afs_int32 *errorp); -extern void vsu_SetCrypt(int cryptflag); -extern afs_int32 vsu_ClientInit(int noAuthFlag, const char *confDir, char *cellName, afs_int32 sauth, - struct ubik_client **uclientp, int (*secproc)(struct rx_securityClass *, afs_int32)); extern int vsu_ExtractName(char rname[], char name[]); extern afs_uint32 vsu_GetVolumeID(char *astring, struct ubik_client *acstruct, afs_int32 *errp); #endif