From: Jeffrey Altman <jaltman@your-file-system.com>
Date: Fri, 31 Jan 2014 05:56:49 +0000 (-0500)
Subject: Windows: Support arbitrary callback ports
X-Git-Tag: openafs-stable-1_8_0pre1~790
X-Git-Url: https://git.openafs.org/?p=openafs.git;a=commitdiff_plain;h=7760acc4570a306390f0b7e5acf4b21e8a8cc90d

Windows: Support arbitrary callback ports

Reconfigure the advanced firewall to support callback ports
other than port 7001.

This changes the semantics of the afsicf api.  AFS_PORTSET_SERVER is now
zero.  Any other value is treated as a callback port.

Change-Id: I4df421cc0ceb4dca94a6b5e81990115a4ce0334e
Reviewed-on: http://gerrit.openafs.org/10776
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
---

diff --git a/src/WINNT/afsd/afsd_init.h b/src/WINNT/afsd/afsd_init.h
index 27782e5..9a6cb3c 100644
--- a/src/WINNT/afsd/afsd_init.h
+++ b/src/WINNT/afsd/afsd_init.h
@@ -19,6 +19,7 @@ void afsd_ForceTrace(BOOL flush);
 void afsd_SetUnhandledExceptionFilter();
 
 extern char cm_HostName[];
+extern unsigned short cm_callbackport;
 extern char cm_NetbiosName[];
 extern clientchar_t cm_NetbiosNameC[];
 
diff --git a/src/WINNT/afsd/afsicf.cpp b/src/WINNT/afsd/afsicf.cpp
index 1837302..c9f6191 100644
--- a/src/WINNT/afsd/afsicf.cpp
+++ b/src/WINNT/afsd/afsicf.cpp
@@ -32,6 +32,7 @@
 #include <objbase.h>
 #include <oleauto.h>
 #include "afsicf.h"
+#include <wchar.h>
 
 #ifdef TESTMAIN
 #include<stdio.h>
@@ -225,6 +226,30 @@ HRESULT icf_CheckAndAddPorts2(WCHAR * wServiceName, global_afs_port_t * ports, i
             {
                 DEBUGOUT(("INetFwRule Interface Types Updated\n"));
             }
+
+	    hr = pFwRule->put_Protocol(ports[i].protocol);
+	    if (SUCCEEDED(hr))
+	    {
+		DEBUGOUT(("INetFwRule Interface Protocol Updated\n"));
+	    }
+
+	    hr = pFwRule->put_LocalPorts(bstrRuleLPorts);
+	    if (SUCCEEDED(hr))
+	    {
+		DEBUGOUT(("INetFwRule Interface Local Ports Updated\n"));
+	    }
+
+	    hr = pFwRule->put_Grouping(bstrRuleGroup);
+	    if (SUCCEEDED(hr))
+	    {
+		DEBUGOUT(("INetFwRule Interface Grouping Updated\n"));
+	    }
+
+	    hr = pFwRule->put_Action(NET_FW_ACTION_ALLOW);
+	    if (SUCCEEDED(hr))
+	    {
+		DEBUGOUT(("INetFwRule Interface Action Updated\n"));
+	    }
         }
 
         SysFreeString(bstrRuleName);
@@ -451,7 +476,7 @@ HRESULT icf_CheckAndAddPorts(INetFwProfile * fwProfile, global_afs_port_t * port
     return rhr;
 }
 
-long icf_CheckAndAddAFSPorts(int portset) {
+long icf_CheckAndAddAFSPorts(int port) {
     HRESULT hr;
     BOOL coInitialized = FALSE;
     INetFwProfile * fwProfile = NULL;
@@ -460,17 +485,24 @@ long icf_CheckAndAddAFSPorts(int portset) {
     int nports;
     long code = 0;
 
-    if (portset == AFS_PORTSET_CLIENT) {
-	ports = afs_clientPorts;
-	nports = sizeof(afs_clientPorts) / sizeof(*afs_clientPorts);
-        wServiceName = L"TransarcAFSDaemon";
-    } else if (portset == AFS_PORTSET_SERVER) {
+    if (port == AFS_PORTSET_SERVER) {
 	ports = afs_serverPorts;
 	nports = sizeof(afs_serverPorts) / sizeof(*afs_serverPorts);
-        wServiceName = L"TransarcAFSServer";
-    } else {
-        DEBUGOUT(("Invalid port set\n"));
-	return 1; /* Invalid port set */
+	wServiceName = L"TransarcAFSServer";;
+    } else /* an actual client port */ {
+	WCHAR str_port[32];
+
+	if (_snwprintf_s(str_port, 32, 31, L"%u", port) < 0) {
+	    DEBUGOUT(("Invalid port set\n"));
+	    return 1; /* Invalid port set */
+	}
+
+	ports = afs_clientPorts;
+	nports = sizeof(afs_clientPorts) / sizeof(*afs_clientPorts);
+
+	afs_clientPorts[0].n_port = port;
+	afs_clientPorts[0].str_port = str_port;
+	wServiceName = L"TransarcAFSDaemon";
     }
     hr = CoInitializeEx( NULL,
 			 COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE
@@ -516,7 +548,7 @@ long icf_CheckAndAddAFSPorts(int portset) {
 #ifdef TESTMAIN
 int main(int argc, char **argv) {
     printf("Starting...\n");
-    if (icf_CheckAndAddAFSPorts(AFS_PORTSET_CLIENT))
+    if (icf_CheckAndAddAFSPorts(7001))
 	printf("Failed\n");
     else
 	printf("Succeeded\n");
diff --git a/src/WINNT/afsd/afsicf.h b/src/WINNT/afsd/afsicf.h
index afd4df4..8ebbca0 100644
--- a/src/WINNT/afsd/afsicf.h
+++ b/src/WINNT/afsd/afsicf.h
@@ -34,6 +34,4 @@ long icf_CheckAndAddAFSPorts(int portset);
 }
 #endif
 
-#define AFS_PORTSET_CLIENT 1
-#define AFS_PORTSET_SERVER 2
-
+#define AFS_PORTSET_SERVER 0
diff --git a/src/WINNT/afsd/cm_daemon.c b/src/WINNT/afsd/cm_daemon.c
index 4cf4a61..d6bfdfc 100644
--- a/src/WINNT/afsd/cm_daemon.c
+++ b/src/WINNT/afsd/cm_daemon.c
@@ -645,7 +645,7 @@ void * cm_Daemon(void *vparm)
 
         if (configureFirewall) {
 	    /* Open Microsoft Firewall to allow in port 7001 */
-	    switch (icf_CheckAndAddAFSPorts(AFS_PORTSET_CLIENT)) {
+	    switch (icf_CheckAndAddAFSPorts(cm_callbackport)) {
 	    case 0:
 		afsi_log("Windows Firewall Configuration succeeded");
 		configureFirewall = 0;