Add -usetokens option to libadmin test 'afscp'

This adds a -usetokens option to poorly named libadmin test 'afscp' program.
If called with this flag, 'afscp' will assume you have already acquired
tokens, and will fetch and use them. If ran with the -authcell option,
it will look for tokens for that cell, otherwise it will look for tokens
in the local cell. Since the function used to fetch local tokens is
incompatable with the kas functions, all of the kas commands have been
modified to complain and exit if any of them all called with -usetokens.

Fixed whitespace, again.

Change-Id: I4f9bcbae42f6eb179168bb5d152ed36df3db8dd5
Reviewed-on: http://gerrit.openafs.org/3899
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Dan Hyde <drh@umich.edu>
Reviewed-by: Steve Simmons <scs@umich.edu>
Tested-by: Derrick Brashear <shadow@dementia.org>

diff --git a/src/libadmin/test/afscp.c b/src/libadmin/test/afscp.c
index 819266f188eb44d6beec4d3256f1bc05605280d2..4eb0c3ed653f8ad1c6682be3035f04d265c9b98c 100644 (file)
--- a/src/libadmin/test/afscp.c
+++ b/src/libadmin/test/afscp.c
@@ -43,6 +43,7 @@
 
 void *cellHandle;
 void *tokenHandle;
+int existing_tokens = 0;
 #ifdef AFS_DARWIN_ENV
 pthread_mutex_t des_init_mutex = PTHREAD_MUTEX_INITIALIZER;
 pthread_mutex_t des_random_mutex = PTHREAD_MUTEX_INITIALIZER;
@@ -82,6 +83,23 @@ MyBeforeProc(struct cmd_syndesc *as, void *arock)
        if (as->parms[AUTHCELL_PARAM].items) {
            ERR_EXT("you can't specify both -noauth and -authcell");
        }
+       if (as->parms[USEEXISTTOKENS_PARAM].items) {
+           ERR_EXT("you can't specify both -noauth and -usetokens");
+       }
+    }
+
+    /*
+     * Check for usetokens
+     */
+
+    if (as->parms[USEEXISTTOKENS_PARAM].items) {
+       existing_tokens = 1;
+       if (as->parms[USER_PARAM].items) {
+           ERR_EXT("you can't specify both -usetokens and -authuser");
+       }
+       if (as->parms[PASSWORD_PARAM].items) {
+           ERR_EXT("you can't specify both -usetokens and -authpassword");
+       }
     }
 
     /*
@@ -127,6 +145,18 @@ MyBeforeProc(struct cmd_syndesc *as, void *arock)
             &st)) {
            ERR_ST_EXT("can't get noauth tokens", st);
        }
+    } else if (existing_tokens) {
+       if (as->parms[AUTHCELL_PARAM].items) {
+           /* Look for existing tokens for this cell */
+           strcpy(auth_cell, as->parms[AUTHCELL_PARAM].items->data);
+       } else {
+           if (!afsclient_LocalCellGet(auth_cell, &st)) {
+               ERR_ST_EXT("can't get local cell name", st);
+           }
+       }
+       if (!afsclient_TokenGetExisting((const char*)auth_cell, &tokenHandle, &st)) {
+           ERR_ST_EXT("can't find existing tokens", st);
+       }
     } else {
        if (!afsclient_TokenGetNew
            (auth_cell, (const char *)as->parms[USER_PARAM].items->data,
@@ -168,6 +198,8 @@ SetupCommonCmdArgs(struct cmd_syndesc *as)
                "cell where command will execute");
     cmd_AddParm(as, "-noauth", CMD_FLAG, CMD_OPTIONAL,
                "run this command unauthenticated");
+    cmd_AddParm(as, "-usetokens", CMD_FLAG, CMD_OPTIONAL,
+               "use already existing tokens");
 }
 
 int

diff --git a/src/libadmin/test/common.h b/src/libadmin/test/common.h
index aa28fe6c19685350daae306e7e0834dc242be8db..a7f6e586134cde451d2f34fb4392936f4561615d 100644 (file)
--- a/src/libadmin/test/common.h
+++ b/src/libadmin/test/common.h
@@ -31,7 +31,8 @@ typedef enum {
     PASSWORD_PARAM,
     AUTHCELL_PARAM,
     EXECCELL_PARAM,
-    NOAUTH_PARAM
+    NOAUTH_PARAM,
+    USEEXISTTOKENS_PARAM
 } CommonParm_t;
 
 extern void

diff --git a/src/libadmin/test/kas.c b/src/libadmin/test/kas.c
index d32c0c0eb16e7f60e3b257ffc25712c4c02e053c..d568e26dada338fb12b39f925168a87b485f035f 100644 (file)
--- a/src/libadmin/test/kas.c
+++ b/src/libadmin/test/kas.c
@@ -52,6 +52,10 @@ DoKasPrincipalCreate(struct cmd_syndesc *as, void *arock)
     kas_identity_t user;
     const char *password;
 
+    if (existing_tokens) {
+       ERR_EXT("can't use -usetokens with kas functions");
+    }
+
     strcpy(user.principal, as->parms[PRINCIPAL].items->data);
 
     if (as->parms[INSTANCE].items) {
@@ -76,6 +80,10 @@ DoKasPrincipalDelete(struct cmd_syndesc *as, void *arock)
     afs_status_t st = 0;
     kas_identity_t user;
 
+    if (existing_tokens) {
+       ERR_EXT("can't use -usetokens with kas functions");
+    }
+
     strcpy(user.principal, as->parms[PRINCIPAL].items->data);
 
     if (as->parms[INSTANCE].items) {
@@ -163,6 +171,10 @@ DoKasPrincipalGet(struct cmd_syndesc *as, void *arock)
     kas_identity_t user;
     kas_principalEntry_t principal;
 
+    if (existing_tokens) {
+       ERR_EXT("can't use -usetokens with kas functions");
+    }
+
     strcpy(user.principal, as->parms[PRINCIPAL].items->data);
 
     if (as->parms[INSTANCE].items) {
@@ -187,6 +199,10 @@ DoKasPrincipalList(struct cmd_syndesc *as, void *arock)
     void *iter;
     kas_identity_t prin;
 
+    if (existing_tokens) {
+       ERR_EXT("can't use -usetokens with kas functions");
+    }
+
     if (!kas_PrincipalGetBegin(cellHandle, 0, &iter, &st)) {
        ERR_ST_EXT("kas_PrincipalGetBegin", st);
     }
@@ -225,6 +241,10 @@ DoKasPrincipalKeySet(struct cmd_syndesc *as, void *arock)
     const char *cell;
     const char *password;
 
+    if (existing_tokens) {
+       ERR_EXT("can't use -usetokens with kas functions");
+    }
+
     strcpy(user.principal, as->parms[PRINCIPAL].items->data);
 
     if (as->parms[INSTANCE].items) {
@@ -260,6 +280,10 @@ DoKasPrincipalLockStatusGet(struct cmd_syndesc *as, void *arock)
     kas_identity_t user;
     unsigned int lock_end_time = 0;
 
+    if (existing_tokens) {
+       ERR_EXT("can't use -usetokens with kas functions");
+    }
+
     strcpy(user.principal, as->parms[PRINCIPAL].items->data);
 
     if (as->parms[INSTANCE].items) {
@@ -285,6 +309,10 @@ DoKasPrincipalUnlock(struct cmd_syndesc *as, void *arock)
     afs_status_t st = 0;
     kas_identity_t user;
 
+    if (existing_tokens) {
+       ERR_EXT("can't use -usetokens with kas functions");
+    }
+
     strcpy(user.principal, as->parms[PRINCIPAL].items->data);
 
     if (as->parms[INSTANCE].items) {
@@ -342,6 +370,10 @@ DoKasPrincipalFieldsSet(struct cmd_syndesc *as, void *arock)
     unsigned int *failed_password_lock_time_ptr = NULL;
     int have_failed_password_lock_time = 0;
 
+    if (existing_tokens) {
+       ERR_EXT("can't use -usetokens with kas functions");
+    }
+
     strcpy(user.principal, as->parms[PRINCIPAL].items->data);
 
     if (as->parms[INSTANCE].items) {
@@ -551,6 +583,10 @@ DoKasServerStatsGet(struct cmd_syndesc *as, void *arock)
     void *kas_server = NULL;
     kas_serverStats_t stats;
 
+    if (existing_tokens) {
+       ERR_EXT("can't use -usetokens with kas functions");
+    }
+
     if (as->parms[SERVER].items) {
        server_list[0] = as->parms[SERVER].items->data;
     }
@@ -636,6 +672,10 @@ DoKasServerDebugGet(struct cmd_syndesc *as, void *arock)
     void *kas_server = NULL;
     kas_serverDebugInfo_t debug;
 
+    if (existing_tokens) {
+       ERR_EXT("can't use -usetokens with kas functions");
+    }
+
     if (as->parms[SERVER].items) {
        server_list[0] = as->parms[SERVER].items->data;
     }
@@ -662,6 +702,10 @@ DoKasServerRandomKeyGet(struct cmd_syndesc *as, void *arock)
     kas_encryptionKey_t key;
     int i;
 
+    if (existing_tokens) {
+       ERR_EXT("can't use -usetokens with kas functions");
+    }
+
     if (!kas_ServerRandomKeyGet(cellHandle, 0, &key, &st)) {
        ERR_ST_EXT("kas_ServerRandomKeyGet", st);
     }

diff --git a/src/libadmin/test/kas.h b/src/libadmin/test/kas.h
index 2401595de9d1a0da07db89aed17da1616470d513..d7e3807201bd1cf12184e54fc808c79d8411b797 100644 (file)
--- a/src/libadmin/test/kas.h
+++ b/src/libadmin/test/kas.h
@@ -33,5 +33,10 @@
 #include <afs/cmd.h>
 #include "common.h"
 
+extern int existing_tokens; /* set in afscp.c, means we got tokens
+                            * from afsclient_TokenGetExisting, which
+                            * is incompatable with kas operations
+                            */
+
 void
   SetupKasAdminCmd(void);