From d008089a79ef268bbca91d660a840f32cb416865 Mon Sep 17 00:00:00 2001 From: Simon Wilkinson Date: Fri, 29 Jan 2010 17:52:17 +0000 Subject: [PATCH] Add interface to select client security objects Add a pair of interfaces to support the selection of a security object by the client. The idea of these interfaces is to abstract out the job of selecting an interface from the client code itself, and into a common library. This reduces duplicated code, and makes it easier to add new security objects in the future. Change-Id: I2bf411e6b56534070c827d009d36fa8a618c4511 Reviewed-on: http://gerrit.openafs.org/1219 Reviewed-by: Derrick Brashear Tested-by: Derrick Brashear --- src/auth/acfg_errors.et | 2 + src/auth/authcon.c | 164 ++++++++++++++++++++++++++++ src/auth/cellconfig.p.h | 33 ++++-- src/bozo/bos.c | 130 +++++++--------------- src/bucoord/ubik_db_if.c | 228 ++++++++++----------------------------- src/ptserver/ptuser.c | 63 ++++------- src/ubik/uinit.c | 129 ++++++---------------- src/update/Makefile.in | 4 +- src/uss/uss_vol.c | 66 +++--------- src/venus/afsio.c | 71 +++--------- src/viced/fsprobe.c | 18 +--- src/viced/host.c | 45 ++------ 12 files changed, 377 insertions(+), 576 deletions(-) diff --git a/src/auth/acfg_errors.et b/src/auth/acfg_errors.et index 913f21e56..92baf0501 100644 --- a/src/auth/acfg_errors.et +++ b/src/auth/acfg_errors.et @@ -17,4 +17,6 @@ error_table ACFG ec AFSCONF_SYNTAX, "syntax error" ec AFSCONF_NODB, "a database file is missing" ec AFSCONF_FULL, "no more entries" + ec AFSCONF_NOCELLDB, "unable to open cell database" + ec AFSCONF_NO_SECURITY_CLASS, "unable to build security class" end diff --git a/src/auth/authcon.c b/src/auth/authcon.c index 006fd2325..5f415a676 100644 --- a/src/auth/authcon.c +++ b/src/auth/authcon.c @@ -172,6 +172,74 @@ afsconf_ClientAuthSecure(void *arock, return rc; } +/*! + * Build a security class from the user's current tokens + * + * This function constructs an RX security class from a user's current + * tokens. + * + * @param[in] info The cell information structure + * @param[in] flags Security flags describing the desired mechanism + * @param[out] sc The selected security class + * @param[out] scIndex The index of the selected class + * @parma[out] expires The expiry time of the tokens used to build the class + * + * Only the AFSCONF_SECOPTS_ALWAYSENCRYPT flag will modify the behaviour of + * this function - it determines whether a cleartext, or encrypting, security + * class is provided. + * + * @return + * 0 on success, non-zero on failure. An error code of + * AFSCONF_NO_SECURITY_CLASS indicates that were were unable to build a + * security class using the selected tokens. + */ + +afs_int32 +afsconf_ClientAuthToken(struct afsconf_cell *info, + afsconf_secflags flags, + struct rx_securityClass **sc, + afs_int32 *scIndex, + time_t *expires) +{ + struct ktc_principal sname; + struct ktc_token ttoken; + int encryptLevel; + afs_int32 code; + + *sc = NULL; + *scIndex = 0; + + strcpy(sname.cell, info->name); + sname.instance[0] = 0; + strcpy(sname.name, "afs"); + code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL); + + if (code == 0) { + /* XXX - We should think about how to handle this */ + if (ttoken.kvno < 0 || ttoken.kvno > 256) { + fprintf(stderr, + "funny kvno (%d) in ticket, proceeding\n", + ttoken.kvno); + } + if (flags & AFSCONF_SECOPTS_ALWAYSENCRYPT) + encryptLevel = rxkad_crypt; + else + encryptLevel = rxkad_clear; + *sc = rxkad_NewClientSecurityObject(encryptLevel, + &ttoken.sessionKey, + ttoken.kvno, + ttoken.ticketLen, + ttoken.ticket); + *scIndex = 2; + if (expires) + *expires = ttoken.endTime; + } + if (*sc == NULL) + return AFSCONF_NO_SECURITY_CLASS; + + return code; +} + /*! * Build a set of security classes suitable for a server accepting * incoming connections @@ -199,3 +267,99 @@ afsconf_BuildServerSecurityObjects(struct afsconf_dir *dir, afsconf_GetKey, NULL); } #endif + +/*! + * Pick a security class to use for an outgoing connection + * + * This function selects an RX security class to use for an outgoing + * connection, based on the set of security flags provided. + * + * @param[in] dir + * The configuration directory structure for this cell. If NULL, + * no classes requiring local configuration will be returned. + * @param[in] flags + * A set of flags to determine the properties of the security class which + * is selected + * - AFSCONF_SECOPTS_NOAUTH - return an anonymous secirty class + * - AFSCONF_SECOPTS_LOCALAUTH - use classes which have local key + * material available. + * - AFSCONF_SECOPTS_ALWAYSENCRYPT - use classes in encrypting, rather + * than authentication or integrity modes. + * - AFSCONF_SECOPTS_FALLBACK_NULL - if no suitable class can be found, + * then fallback to the rxnull security class. + * @param[in] info + * The cell information structure for the current cell. If this is NULL, + * then use a version locally obtained using the cellName. + * @param[in] cellName + * The cellName to use when obtaining cell information (may be NULL if + * info is specified) + * @param[out] sc + * The selected security class + * @param[out] scIndex + * The index of the selected security class + * @param[out] expires + * The expiry time of the tokens used to construct the class. Will be + * NEVER_DATE if the class has an unlimited lifetime. If NULL, the + * function won't store the expiry date. + * + * @return + * Returns 0 on success, or a com_err error code on failure. + */ +afs_int32 +afsconf_PickClientSecObj(struct afsconf_dir *dir, afsconf_secflags flags, + struct afsconf_cell *info, + char *cellName, struct rx_securityClass **sc, + afs_int32 *scIndex, time_t *expires) { + struct afsconf_cell localInfo; + afs_int32 code = 0; + + *sc = NULL; + *scIndex = 0; + if (expires) + expires = 0; + + if ( !(flags & AFSCONF_SECOPTS_NOAUTH) ) { + if (!dir) + return AFSCONF_NOCELLDB; + + if (flags & AFSCONF_SECOPTS_LOCALAUTH) { + code = afsconf_GetLatestKey(dir, 0, 0); + if (code) + goto out; + + if (flags & AFSCONF_SECOPTS_ALWAYSENCRYPT) + code = afsconf_ClientAuthSecure(dir, sc, scIndex); + else + code = afsconf_ClientAuth(dir, sc, scIndex); + + if (code) + goto out; + + if (expires) + *expires = NEVERDATE; + } else { + if (info == NULL) { + code = afsconf_GetCellInfo(dir, cellName, NULL, &localInfo); + if (code) + goto out; + info = &localInfo; + } + + code = afsconf_ClientAuthToken(info, flags, sc, scIndex, expires); + if (code && !(flags & AFSCONF_SECOPTS_FALLBACK_NULL)) + goto out; + + /* If we didn't get a token, we'll just run anonymously */ + code = 0; + } + } + if (*sc == NULL) { + *sc = rxnull_NewClientSecurityObject(); + *scIndex = 0; + if (expires) + *expires = NEVERDATE; + } + +out: + return code; +} diff --git a/src/auth/cellconfig.p.h b/src/auth/cellconfig.p.h index e0d86b1ad..3e715270e 100644 --- a/src/auth/cellconfig.p.h +++ b/src/auth/cellconfig.p.h @@ -46,15 +46,6 @@ Creation date: * Return codes. */ #define AFSCONF_SUCCESS 0 /* worked */ -#if 0 -#define AFSCONF_FAILURE 1 /* mysterious failure */ -#define AFSCONF_NOTFOUND 2 /* could not find entry */ -#define AFSCONF_UNKNOWN 3 /* do not know that information */ -#define AFSCONF_NOCELL 4 /* line appears before a cell has been defined */ -#define AFSCONF_SYNTAX 5 /* syntax error */ -#define AFSCONF_NODB 6 /* a database file is missing */ -#define AFSCONF_FULL 7 /* no more entries */ -#endif /* * Complete server info for one cell. @@ -145,6 +136,30 @@ extern afs_int32 afsconf_ClientAuthSecure(void *arock, struct rx_securityClass **astr, afs_int32 * aindex); +/*! + * A set of bit flags to control the selection of a security object + */ +#define AFSCONF_SECOPTS_NOAUTH 0x1 +#define AFSCONF_SECOPTS_LOCALAUTH 0x2 +#define AFSCONF_SECOPTS_ALWAYSENCRYPT 0x4 +#define AFSCONF_SECOPTS_FALLBACK_NULL 0x8 +typedef afs_uint32 afsconf_secflags; + +extern afs_int32 afsconf_ClientAuthToken(struct afsconf_cell *info, + afsconf_secflags flags, + struct rx_securityClass **sc, + afs_int32 *scIndex, + time_t *expires); + + +extern afs_int32 afsconf_PickClientSecObj(struct afsconf_dir *dir, + afsconf_secflags flags, + struct afsconf_cell *info, + char *cellName, + struct rx_securityClass **sc, + afs_int32 *scIndex, + time_t *expires); + /* Flags for this function */ #define AFSCONF_SEC_OBJS_RXKAD_CRYPT 1 extern void afsconf_BuildServerSecurityObjects(struct afsconf_dir *, diff --git a/src/bozo/bos.c b/src/bozo/bos.c index 411e64dec..d3e67ac4d 100644 --- a/src/bozo/bos.c +++ b/src/bozo/bos.c @@ -160,9 +160,6 @@ DateOf(afs_int32 atime) return tbuffer; } -/* global stuff from main for communicating with GetConn */ -static struct rx_securityClass *sc[3]; -static int scIndex; /* use the syntax descr to get a connection, authenticated appropriately. * aencrypt is set if we want to encrypt the data on the wire. @@ -172,15 +169,15 @@ GetConn(struct cmd_syndesc *as, int aencrypt) { struct hostent *th; char *hostname; + char *cellname = NULL; + const char *confdir; register afs_int32 code; register struct rx_connection *tconn; afs_int32 addr; - register struct afsconf_dir *tdir; - int encryptLevel; - struct ktc_principal sname; - struct ktc_token ttoken; - int localauth; - const char *confdir; + struct afsconf_dir *tdir = NULL; + afsconf_secflags secFlags; + struct rx_securityClass *sc; + int scIndex; hostname = as->parms[0].items->data; th = hostutil_GetHostByName(hostname); @@ -190,94 +187,47 @@ GetConn(struct cmd_syndesc *as, int aencrypt) } memcpy(&addr, th->h_addr, sizeof(afs_int32)); - /* Start with no authentication */ - sc[0] = rxnull_NewClientSecurityObject(); - sc[1] = 0; - sc[2] = 0; - scIndex = 0; - - if (!as->parms[ADDPARMOFFSET + 1].items) { /* not -noauth */ - /* get tokens for making authenticated connections */ - localauth = (as->parms[ADDPARMOFFSET + 2].items != 0); - confdir = - (localauth ? AFSDIR_SERVER_ETC_DIRPATH : AFSDIR_CLIENT_ETC_DIRPATH); - tdir = afsconf_Open(confdir); - if (tdir) { - struct afsconf_cell info; - char *tname; - - if (as->parms[ADDPARMOFFSET].items) - tname = as->parms[ADDPARMOFFSET].items->data; - else - tname = NULL; - /* next call expands cell name abbrevs for us and handles looking up - * local cell */ - code = afsconf_GetCellInfo(tdir, tname, NULL, &info); - if (code) { - afs_com_err("bos", code, "(can't find cell '%s' in cell database)", - (tname ? tname : "")); - exit(1); - } else - strcpy(sname.cell, info.name); - } else { - printf("bos: can't open cell database (%s)\n", confdir); - exit(1); - } - sname.instance[0] = 0; - strcpy(sname.name, "afs"); - - if (as->parms[ADDPARMOFFSET + 2].items) { /* -localauth */ - code = afsconf_GetLatestKey(tdir, 0, 0); - if (code) - afs_com_err("bos", code, "(getting key from local KeyFile)"); - else { - if (aencrypt) - code = afsconf_ClientAuthSecure(tdir, &sc[2], &scIndex); - else - code = afsconf_ClientAuth(tdir, &sc[2], &scIndex); - if (code) - afs_com_err("bos", code, "(calling ClientAuth)"); - else if (scIndex != 2) /* this shouldn't happen */ - sc[scIndex] = sc[2]; - } - } else { /* not -localauth, check for tickets */ - code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL); - if (code == 0) { - /* have tickets, will travel */ - if (ttoken.kvno >= 0 && ttoken.kvno <= 256); - else { - fprintf(stderr, - "bos: funny kvno (%d) in ticket, proceeding\n", - ttoken.kvno); - } - /* kerberos tix */ - if (aencrypt) - encryptLevel = rxkad_crypt; - else - encryptLevel = rxkad_clear; - sc[2] = (struct rx_securityClass *) - rxkad_NewClientSecurityObject(encryptLevel, - &ttoken.sessionKey, - ttoken.kvno, - ttoken.ticketLen, - ttoken.ticket); - scIndex = 2; - } else - afs_com_err("bos", code, "(getting tickets)"); - } - if ((scIndex == 0) || (sc[scIndex] == 0)) { - fprintf(stderr, "bos: running unauthenticated\n"); - scIndex = 0; + secFlags = AFSCONF_SECOPTS_FALLBACK_NULL; + + if (as->parms[ADDPARMOFFSET + 2].items) { /* -localauth */ + secFlags |= AFSCONF_SECOPTS_LOCALAUTH; + confdir = AFSDIR_SERVER_ETC_DIRPATH; + } else { + confdir = AFSDIR_CLIENT_ETC_DIRPATH; + } + + if (as->parms[ADDPARMOFFSET + 1].items) { /* -noauth */ + secFlags |= AFSCONF_SECOPTS_NOAUTH; + } else { + /* If we're running with -noauth, we don't need a configuration + * directory */ + tdir = afsconf_Open(confdir); + if (tdir == NULL) { + printf("bos: can't open cell database (%s)\n", confdir); + exit(1); } } + + if (as->parms[ADDPARMOFFSET].items) /* -cell */ + cellname = as->parms[ADDPARMOFFSET].items->data; + + code = afsconf_PickClientSecObj(tdir, secFlags, NULL, cellname, + &sc, &scIndex, NULL); + if (code) { + afs_com_err("bos", code, "(configuring connection security)"); + exit(1); + } + + if (scIndex == 0) + fprintf(stderr, "bos: running unauthenticated\n"); + tconn = - rx_NewConnection(addr, htons(AFSCONF_NANNYPORT), 1, sc[scIndex], - scIndex); + rx_NewConnection(addr, htons(AFSCONF_NANNYPORT), 1, sc, scIndex); if (!tconn) { fprintf(stderr, "bos: could not create rx connection\n"); exit(1); } - rxs_Release(sc[scIndex]); + rxs_Release(sc); return tconn; } diff --git a/src/bucoord/ubik_db_if.c b/src/bucoord/ubik_db_if.c index 258886704..3dfee3dde 100644 --- a/src/bucoord/ubik_db_if.c +++ b/src/bucoord/ubik_db_if.c @@ -771,6 +771,23 @@ bc_CheckTextVersion(udbClientTextP ctPtr) * ------------------------------------- */ +static afsconf_secflags +parseSecFlags(int noAuthFlag, int localauth, const char **confdir) { + afsconf_secflags secFlags; + + secFlags = 0; + if (noAuthFlag) + secFlags |= AFSCONF_SECOPTS_NOAUTH; + + if (localauth) { + secFlags |= AFSCONF_SECOPTS_LOCALAUTH; + *confdir = AFSDIR_SERVER_ETC_DIRPATH; + } else { + *confdir = AFSDIR_CLIENT_ETC_DIRPATH; + } + return secFlags; +} + /* vldbClientInit * Initialize a client for the vl ubik database. */ @@ -784,108 +801,40 @@ vldbClientInit(int noAuthFlag, int localauth, char *cellName, struct rx_securityClass *sc; afs_int32 i, scIndex = 0; /* Index of Rx security object - noauth */ struct afsconf_cell info; - struct ktc_principal sname; - struct ktc_token *ttoken = NULL; struct rx_connection *serverconns[VLDB_MAXSERVERS]; + afsconf_secflags secFlags; + const char *confdir; + secFlags = parseSecFlags(noAuthFlag, localauth, &confdir); + secFlags |= AFSCONF_SECOPTS_FALLBACK_NULL; + + /* This just preserves old behaviour of using the default cell when + * passed an empty string */ + if (cellName && cellName[0] == '\0') + cellName = NULL; /* Find out about the given cell */ - acdir = - afsconf_Open((localauth ? AFSDIR_SERVER_ETC_DIRPATH : - AFSDIR_CLIENT_ETC_DIRPATH)); + acdir = afsconf_Open(confdir); if (!acdir) { - afs_com_err(whoami, 0, "Can't open configuration directory '%s'", - (localauth ? AFSDIR_SERVER_ETC_DIRPATH : - AFSDIR_CLIENT_ETC_DIRPATH)); + afs_com_err(whoami, 0, "Can't open configuration directory '%s'", confdir); ERROR(BC_NOCELLCONFIG); } - if (!cellName[0]) { - char cname[64]; - - code = afsconf_GetLocalCell(acdir, cname, sizeof(cname)); - if (code) { - afs_com_err(whoami, code, - "; Can't get the local cell name - check %s/%s", - (localauth ? AFSDIR_SERVER_ETC_DIRPATH : - AFSDIR_CLIENT_ETC_DIRPATH), AFSDIR_THISCELL_FILE); - ERROR(code); - } - strcpy(cellName, cname); - } - code = afsconf_GetCellInfo(acdir, cellName, AFSCONF_VLDBSERVICE, &info); if (code) { afs_com_err(whoami, code, "; Can't find cell %s's hosts in %s/%s", - cellName, - (localauth ? AFSDIR_SERVER_ETC_DIRPATH : - AFSDIR_CLIENT_ETC_DIRPATH), AFSDIR_CELLSERVDB_FILE); + cellName, confdir, AFSDIR_CELLSERVDB_FILE); ERROR(BC_NOCELLCONFIG); } - /* - * Grab tickets if we care about authentication. - */ - *expires = 0; - if (localauth) { - code = afsconf_GetLatestKey(acdir, 0, 0); - if (code) { - afs_com_err(whoami, code, "; Can't get key from local key file"); - ERROR(code); - } else { - code = afsconf_ClientAuth(acdir, &sc, &scIndex); - if (code) { - afs_com_err(whoami, code, "; Calling ClientAuth"); - ERROR(code); - } - - *expires = NEVERDATE; - } - } else { - if (!noAuthFlag) { - strcpy(sname.cell, info.name); - sname.instance[0] = 0; - strcpy(sname.name, "afs"); - - code = - ktc_GetToken(&sname, ttoken, sizeof(struct ktc_token), NULL); - if (code) { - afs_com_err(whoami, code, - "; Can't get AFS tokens - running unauthenticated"); - } else { - if ((ttoken->kvno < 0) || (ttoken->kvno > 256)) - afs_com_err(whoami, 0, - "Funny kvno (%d) in ticket, proceeding", - ttoken->kvno); - *expires = ttoken->endTime; - scIndex = 2; - } - } - - switch (scIndex) { - case 0: - sc = rxnull_NewClientSecurityObject(); - break; - case 2: - sc = (struct rx_securityClass *) - rxkad_NewClientSecurityObject(rxkad_clear, - &ttoken->sessionKey, - ttoken->kvno, ttoken->ticketLen, - ttoken->ticket); - break; - default: - afs_com_err(whoami, 0, "Unsupported authentication type %d", scIndex); - ERROR(-1); - break; - } - } - - if (!sc) { - afs_com_err(whoami, 0, - "Can't create a security object with security index %d", - scIndex); - ERROR(-1); + code = afsconf_PickClientSecObj(acdir, secFlags, &info, cellName, + &sc, &scIndex, expires); + if (code) { + afs_com_err(whoami, code, "(configuring connection security)"); + ERROR(BC_NOCELLCONFIG); } + if (scIndex == 0 && !noAuthFlag) + afs_com_err(whoami, 0, "Can't get tokens - running unauthenticated"); /* tell UV module about default authentication */ UV_SetSecurity(sc, scIndex); @@ -924,109 +873,42 @@ vldbClientInit(int noAuthFlag, int localauth, char *cellName, afs_int32 udbClientInit(int noAuthFlag, int localauth, char *cellName) { - struct ktc_principal principal; - struct ktc_token token; struct afsconf_cell info; struct afsconf_dir *acdir; + const char *confdir; int i; + afs_int32 secFlags; afs_int32 code = 0; - acdir = - afsconf_Open((localauth ? AFSDIR_SERVER_ETC_DIRPATH : - AFSDIR_CLIENT_ETC_DIRPATH)); + secFlags = parseSecFlags(noAuthFlag, localauth, &confdir); + secFlags |= AFSCONF_SECOPTS_FALLBACK_NULL; + + if (cellName && cellName[0] == '\0') + cellName = NULL; + + acdir = afsconf_Open(confdir); if (!acdir) { afs_com_err(whoami, 0, "Can't open configuration directory '%s'", - (localauth ? AFSDIR_SERVER_ETC_DIRPATH : - AFSDIR_CLIENT_ETC_DIRPATH)); + confdir); ERROR(BC_NOCELLCONFIG); } - if (!cellName[0]) { - char cname[64]; - - code = afsconf_GetLocalCell(acdir, cname, sizeof(cname)); - if (code) { - afs_com_err(whoami, code, - "; Can't get the local cell name - check %s/%s", - (localauth ? AFSDIR_SERVER_ETC_DIRPATH : - AFSDIR_CLIENT_ETC_DIRPATH), AFSDIR_THISCELL_FILE); - ERROR(code); - } - strcpy(cellName, cname); - } - code = afsconf_GetCellInfo(acdir, cellName, 0, &info); if (code) { afs_com_err(whoami, code, "; Can't find cell %s's hosts in %s/%s", - cellName, - (localauth ? AFSDIR_SERVER_ETC_DIRPATH : - AFSDIR_CLIENT_ETC_DIRPATH), AFSDIR_CELLSERVDB_FILE); + cellName, confdir, AFSDIR_CELLSERVDB_FILE); ERROR(BC_NOCELLCONFIG); } - udbHandle.uh_scIndex = RX_SCINDEX_NULL; - - if (localauth) { - code = afsconf_GetLatestKey(acdir, 0, 0); - if (code) { - afs_com_err(whoami, code, "; Can't get key from local key file"); - ERROR(-1); - } else { - code = - afsconf_ClientAuth(acdir, &udbHandle.uh_secobj, - &udbHandle.uh_scIndex); - if (code) { - afs_com_err(whoami, code, "; Calling ClientAuth"); - ERROR(-1); - } - } - } else { - if (!noAuthFlag) { - /* setup principal */ - strcpy(principal.cell, info.name); - principal.instance[0] = 0; - strcpy(principal.name, "afs"); - - /* get token */ - code = ktc_GetToken(&principal, &token, sizeof(token), NULL); - if (code) { - afs_com_err(whoami, code, - "; Can't get tokens - running unauthenticated"); - } else { - if ((token.kvno < 0) || (token.kvno > 256)) - afs_com_err(whoami, 0, - "Unexpected kvno (%d) in ticket - proceeding", - token.kvno); - udbHandle.uh_scIndex = RX_SCINDEX_KAD; /* Kerberos */ - } - } - - switch (udbHandle.uh_scIndex) { - case 0: - udbHandle.uh_secobj = rxnull_NewClientSecurityObject(); - break; - - case 2: - udbHandle.uh_secobj = (struct rx_securityClass *) - rxkad_NewClientSecurityObject(rxkad_clear, &token.sessionKey, - token.kvno, token.ticketLen, - token.ticket); - break; - - default: - afs_com_err(whoami, 0, "Unsupported authentication type %d", - udbHandle.uh_scIndex); - ERROR(-1); - break; - } - } - - if (!udbHandle.uh_secobj) { - afs_com_err(whoami, 0, - "Can't create a security object with security index %d", - udbHandle.uh_scIndex); - ERROR(-1); + code = afsconf_PickClientSecObj(acdir, secFlags, &info, cellName, + &udbHandle.uh_secobj, + &udbHandle.uh_scIndex, NULL); + if (code) { + afs_com_err(whoami, code, "(configuring connection security)"); + ERROR(BC_NOCELLCONFIG); } + if (&udbHandle.uh_scIndex == 0 && !noAuthFlag) + afs_com_err(whoami, 0, "Can't get tokens - running unauthenticated"); if (info.numServers > MAXSERVERS) { afs_com_err(whoami, 0, diff --git a/src/ptserver/ptuser.c b/src/ptserver/ptuser.c index 59a0f0216..fd889333a 100644 --- a/src/ptserver/ptuser.c +++ b/src/ptserver/ptuser.c @@ -62,12 +62,12 @@ pr_Initialize(IN afs_int32 secLevel, IN const char *confDir, IN char *cell) { afs_int32 code; struct rx_connection *serverconns[MAXSERVERS]; - struct rx_securityClass *sc[3]; + struct rx_securityClass *sc; static struct afsconf_dir *tdir = (struct afsconf_dir *)NULL; /* only do this once */ static char tconfDir[100] = ""; static char tcell[64] = ""; - struct ktc_token ttoken; afs_int32 scIndex; + afs_int32 secFlags; static struct afsconf_cell info; afs_int32 i; #if !defined(UKERNEL) @@ -168,65 +168,38 @@ pr_Initialize(IN afs_int32 secLevel, IN const char *confDir, IN char *cell) return code; } - scIndex = secLevel; - sc[0] = 0; - sc[1] = 0; - sc[2] = 0; /* Most callers use secLevel==1, however, the fileserver uses secLevel==2 * to force use of the KeyFile. secLevel == 0 implies -noauth was * specified. */ if (secLevel == 2) { code = afsconf_GetLatestKey(tdir, 0, 0); if (code) { - afs_com_err(whoami, code, - "(getting key from local KeyFile)\n"); - scIndex = 0; /* use noauth */ + afs_com_err(whoami, code, "(getting key from local KeyFile)\n"); } else { /* If secLevel is two assume we're on a file server and use * ClientAuthSecure if possible. */ - code = afsconf_ClientAuthSecure(tdir, &sc[2], &scIndex); - if (code) { - afs_com_err(whoami, code, - "(calling client secure)\n"); - scIndex = 0; /* use noauth */ - } + code = afsconf_ClientAuthSecure(tdir, &sc, &scIndex); + if (code) + afs_com_err(whoami, code, "(calling client secure)\n"); } - if (scIndex != 2) - /* if there was a problem, an unauthenticated conn is returned */ - sc[scIndex] = sc[2]; } else if (secLevel > 0) { - struct ktc_principal sname; - strcpy(sname.cell, info.name); - sname.instance[0] = 0; - strcpy(sname.name, "afs"); - code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL); + secFlags = 0; + if (secLevel > 1) + secFlags |= AFSCONF_SECOPTS_ALWAYSENCRYPT; + + code = afsconf_ClientAuthToken(&info, secFlags, &sc, &scIndex, NULL); if (code) { afs_com_err(whoami, code, "(getting token)"); if (secLevel > 1) return code; - scIndex = 0; - } else { - if (ttoken.kvno >= 0 && ttoken.kvno <= 256) - /* this is a kerberos ticket, set scIndex accordingly */ - scIndex = 2; - else { - fprintf(stderr, - "%s: funny kvno (%d) in ticket, proceeding\n", - whoami, ttoken.kvno); - scIndex = 2; - } - sc[2] = - rxkad_NewClientSecurityObject((secLevel > 1) ? rxkad_crypt : - rxkad_clear, &ttoken.sessionKey, - ttoken.kvno, ttoken.ticketLen, - ttoken.ticket); } } - if (scIndex == 1) - return PRBADARG; - if ((scIndex == 0) && (sc[0] == 0)) - sc[0] = rxnull_NewClientSecurityObject(); + if (sc == NULL) { + sc = rxnull_NewClientSecurityObject(); + scIndex = 0; + } + if ((scIndex == 0) && (secLevel != 0)) fprintf(stderr, "%s: Could not get afs tokens, running unauthenticated\n", @@ -236,7 +209,7 @@ pr_Initialize(IN afs_int32 secLevel, IN const char *confDir, IN char *cell) for (i = 0; i < info.numServers; i++) serverconns[i] = rx_NewConnection(info.hostAddr[i].sin_addr.s_addr, - info.hostAddr[i].sin_port, PRSRV, sc[scIndex], + info.hostAddr[i].sin_port, PRSRV, sc, scIndex); code = ubik_ClientInit(serverconns, &pruclient); @@ -246,7 +219,7 @@ pr_Initialize(IN afs_int32 secLevel, IN const char *confDir, IN char *cell) } lastLevel = scIndex; - code = rxs_Release(sc[scIndex]); + code = rxs_Release(sc); return code; } diff --git a/src/ubik/uinit.c b/src/ubik/uinit.c index b1e5259c6..bb609c4d7 100644 --- a/src/ubik/uinit.c +++ b/src/ubik/uinit.c @@ -52,15 +52,13 @@ ugen_ClientInit(int noAuthFlag, const char *confDir, char *cellName, afs_int32 s afs_int32 maxservers, char *serviceid, afs_int32 deadtime, afs_uint32 server, afs_uint32 port, afs_int32 usrvid) { - afs_int32 code, scIndex, i; + afs_int32 code, scIndex, secFlags, i; struct afsconf_cell info; struct afsconf_dir *tdir; - struct ktc_principal sname; - struct ktc_token ttoken; struct rx_securityClass *sc; /* This must change if VLDB_MAXSERVERS becomes larger than MAXSERVERS */ static struct rx_connection *serverconns[MAXSERVERS]; - char cellstr[64]; + const char *confdir; code = rx_Init(0); if (code) { @@ -69,99 +67,38 @@ ugen_ClientInit(int noAuthFlag, const char *confDir, char *cellName, afs_int32 s } rx_SetRxDeadTime(deadtime); - if (sauth) { /* -localauth */ - tdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH); - if (!tdir) { - fprintf(stderr, - "%s: Could not process files in configuration directory (%s).\n", - funcName, AFSDIR_SERVER_ETC_DIRPATH); - return -1; - } - code = afsconf_ClientAuth(tdir, &sc, &scIndex); /* sets sc,scIndex */ - if (code) { - afsconf_Close(tdir); - fprintf(stderr, - "%s: Could not get security object for -localAuth\n", - funcName); - return -1; - } - code = - afsconf_GetCellInfo(tdir, tdir->cellName, serviceid, - &info); - if (code) { - afsconf_Close(tdir); - fprintf(stderr, - "%s: can't find cell %s's hosts in %s/%s\n", - funcName, cellName, AFSDIR_SERVER_ETC_DIRPATH, - AFSDIR_CELLSERVDB_FILE); - return -1; - } - } else { /* not -localauth */ - tdir = afsconf_Open(confDir); - if (!tdir) { - fprintf(stderr, - "%s: Could not process files in configuration directory (%s).\n", - funcName, confDir); - return -1; - } - - if (!cellName) { - code = afsconf_GetLocalCell(tdir, cellstr, sizeof(cellstr)); - if (code) { - fprintf(stderr, - "%s: can't get local cellname, check %s/%s\n", - funcName, confDir, AFSDIR_THISCELL_FILE); - return -1; - } - cellName = cellstr; - } - - code = - afsconf_GetCellInfo(tdir, cellName, serviceid, &info); - if (code) { - fprintf(stderr, - "%s: can't find cell %s's hosts in %s/%s\n", - funcName, cellName, confDir, AFSDIR_CELLSERVDB_FILE); - return -1; - } - if (noAuthFlag) /* -noauth */ - scIndex = 0; - else { /* not -noauth */ - strcpy(sname.cell, info.name); - sname.instance[0] = 0; - strcpy(sname.name, "afs"); - code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL); - if (code) { /* did not get ticket */ - fprintf(stderr, - "%s: Could not get afs tokens, running unauthenticated.\n", - funcName); - scIndex = 0; - } else { /* got a ticket */ - scIndex = 2; - if ((ttoken.kvno < 0) || (ttoken.kvno > 256)) { - fprintf(stderr, - "%s: funny kvno (%d) in ticket, proceeding\n", - funcName, ttoken.kvno); - } - } - } + secFlags = AFSCONF_SECOPTS_FALLBACK_NULL; + if (sauth) { + secFlags |= AFSCONF_SECOPTS_LOCALAUTH; + confdir = AFSDIR_SERVER_ETC_DIRPATH; + } else { + confdir = AFSDIR_CLIENT_ETC_DIRPATH; + } - switch (scIndex) { - case 0: - sc = rxnull_NewClientSecurityObject(); - break; - case 2: - sc = rxkad_NewClientSecurityObject(gen_rxkad_level, - &ttoken.sessionKey, - ttoken.kvno, ttoken.ticketLen, - ttoken.ticket); - break; - default: - fprintf(stderr, "%s: unsupported security index %d\n", - funcName, scIndex); - return -1; - break; - } + tdir = afsconf_Open(confdir); + if (!tdir) { + fprintf(stderr, + "%s: Could not process files in configuration directory (%s).\n", + funcName, confdir); + return -1; + } + code = afsconf_GetCellInfo(tdir, tdir->cellName, serviceid, &info); + if (code) { + afsconf_Close(tdir); + fprintf(stderr, "%s: can't find cell %s's hosts in %s/%s\n", + funcName, cellName, confdir, AFSDIR_CELLSERVDB_FILE); + return -1; + } + code = afsconf_PickClientSecObj(tdir, secFlags, &info, tdir->cellName, &sc, + &scIndex, NULL); + if (code) { + fprintf(stderr, "%s: can't create client security object", funcName); + return -1; + } + if (scIndex == 0) { + fprintf(stderr, + "%s: Could not get afs tokens, running unauthenticated.\n", + funcName); } afsconf_Close(tdir); diff --git a/src/update/Makefile.in b/src/update/Makefile.in index c08ece59e..db8ba69f3 100644 --- a/src/update/Makefile.in +++ b/src/update/Makefile.in @@ -15,11 +15,11 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ LIBS=${TOP_LIBDIR}/libauth.a \ ${TOP_LIBDIR}/librxkad.a \ ${TOP_LIBDIR}/libdes.a \ + ${TOP_LIBDIR}/libsys.a \ ${TOP_LIBDIR}/librx.a \ ${TOP_LIBDIR}/liblwp.a \ ${TOP_LIBDIR}/libcom_err.a \ - ${TOP_LIBDIR}/util.a \ - ${TOP_LIBDIR}/libsys.a + ${TOP_LIBDIR}/util.a all: upserver upclient diff --git a/src/uss/uss_vol.c b/src/uss/uss_vol.c index 019543c7e..595aae23b 100644 --- a/src/uss/uss_vol.c +++ b/src/uss/uss_vol.c @@ -108,9 +108,8 @@ InitThisModule(int a_noAuthFlag, char *a_confDir, char *a_cellName) register afs_int32 code; /*Return code */ struct afsconf_dir *tdir; /*Ptr to conf dir info */ struct afsconf_cell info; /*Info about chosen cell */ - struct ktc_principal sname; /*Service name */ - struct ktc_token ttoken; /*Service ticket */ afs_int32 scIndex; /*Chosen security index */ + afs_int32 secFlags; struct rx_securityClass *sc; /*Generated security object */ afs_int32 i; /*Loop index */ @@ -158,56 +157,21 @@ InitThisModule(int a_noAuthFlag, char *a_confDir, char *a_cellName) #ifdef USS_VOL_DB printf("[%s] Getting tickets if needed\n", rn); #endif /* USS_VOL_DB */ - if (!a_noAuthFlag) { - /* - * We don't need tickets for unauthenticated connections. - */ - strcpy(sname.cell, info.name); - sname.instance[0] = 0; - strcpy(sname.name, "afs"); - code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL); - if (code) { - fprintf(stderr, - "%s: Couldn't get AFS tokens, running unauthenticated.\n", - uss_whoami); - scIndex = 0; - } else { - /* - * We got a ticket, go for an authenticated connection. - */ - if (ttoken.kvno >= 0 && ttoken.kvno <= 256) - scIndex = 2; /*Kerberos */ - else { - fprintf(stderr, "%s: Funny kvno (%d) in ticket, proceeding\n", - uss_whoami, ttoken.kvno); - scIndex = 2; - } - } /*Got a ticket */ - } /*Authentication desired */ - else - scIndex = 0; - /* - * Generate the appropriate security object for the connection. - */ -#ifdef USS_VOL_DB - printf("[%s] Generating Rx security object\n", rn); -#endif /* USS_VOL_DB */ - switch (scIndex) { - case 0: - sc = (struct rx_securityClass *) - rxnull_NewClientSecurityObject(); - break; - - case 1: - break; - - case 2: - sc = (struct rx_securityClass *) - rxkad_NewClientSecurityObject(rxkad_clear, &ttoken.sessionKey, - ttoken.kvno, ttoken.ticketLen, - ttoken.ticket); - break; + secFlags = AFSCONF_SECOPTS_FALLBACK_NULL; + if (a_noAuthFlag) + secFlags |= AFSCONF_SECOPTS_NOAUTH; + + code = afsconf_PickClientSecObj(tdir, secFlags, &info, a_cellName, + &sc, &scIndex, NULL); + if (code) { + printf("%s: Can't create client security object\n", uss_whoami); + exit(1); + } + if (scIndex == 0 && !a_noAuthFlag) { + fprintf(stderr, + "%s: Couldn't get AFS tokens, running unauthenticated.\n", + uss_whoami); } /* diff --git a/src/venus/afsio.c b/src/venus/afsio.c index 1db9208a2..e795e6bb0 100644 --- a/src/venus/afsio.c +++ b/src/venus/afsio.c @@ -159,7 +159,7 @@ struct connectionLookup { struct cellLookup { struct cellLookup *next; struct afsconf_cell info; - struct rx_securityClass *sc[3]; + struct rx_securityClass *sc; afs_int32 scIndex; }; @@ -274,7 +274,7 @@ main (int argc, char **argv) AFS_UNUSED afs_int32 -HandleLocalAuth(struct rx_securityClass **sc[3], afs_int32 *scIndex) +HandleLocalAuth(struct rx_securityClass **sc, afs_int32 *scIndex) { static struct afsconf_dir *tdir = NULL; struct ktc_principal sname; @@ -285,45 +285,20 @@ HandleLocalAuth(struct rx_securityClass **sc[3], afs_int32 *scIndex) char *cell; afs_int32 code; + *sc = NULL; + *scIndex = 0; + tdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH); if (!tdir) { fprintf(stderr,"Could not open configuration directory: %s.\n", AFSDIR_SERVER_ETC_DIRPATH); return -1; } - cell = tdir->cellName; - strcpy(sname.cell, cell); - sname.instance[0] = 0; - strcpy(sname.name, "afs"); - code=afsconf_GetLatestKey(tdir, &kvno, &key); + code = afsconf_ClientAuth(tdir, sc, &scIndex); if (code) { - fprintf(stderr,"afsconf_GetLatestKey returned %d\n", code); + fprintf(stderr,"afsconf_ClientAuth returned %d\n", code); return -1; } - ttoken.kvno = kvno; - des_init_random_number_generator(ktc_to_cblock(&key)); - code = des_random_key(ktc_to_cblock(&ttoken.sessionKey)); - if (code) { - fprintf(stderr,"des_random_key returned %d\n", code); - return -1; - } - ttoken.ticketLen = MAXKTCTICKETLEN; - code = tkt_MakeTicket(ttoken.ticket, &ttoken.ticketLen, &key, - AUTH_SUPERUSER, "", sname.cell, - 0, 0xffffffff, - &ttoken.sessionKey, host, - sname.name, sname.instance); - if (code) - *scIndex = 0; - else { - *scIndex = 2; - *sc[2] = (struct rx_securityClass *) - rxkad_NewClientSecurityObject(rxkad_clear, - &ttoken.sessionKey, ttoken.kvno, - ttoken.ticketLen, ttoken.ticket); - } - if (*scIndex == 0) - *sc[0] = (struct rx_securityClass *) rxnull_NewClientSecurityObject(); return 0; } @@ -993,7 +968,7 @@ readFile(struct cmd_syndesc *as, void *unused) } first = 0; RXConn = FindRXConnection(useHost, htons(AFSCONF_FILEPORT), 1, - cl->sc[cl->scIndex], cl->scIndex); + cl->sc, cl->scIndex); if (!RXConn) { fprintf(stderr,"rx_NewConnection failed to server 0x%X\n", useHost); @@ -1205,7 +1180,7 @@ writeFile(struct cmd_syndesc *as, void *unused) gettimeofday (&starttime, &Timezone); useHost = hosts[0]; RXConn = FindRXConnection(useHost, htons(AFSCONF_FILEPORT), 1, - cl->sc[cl->scIndex], cl->scIndex); + cl->sc, cl->scIndex); if (!RXConn) { fprintf(stderr,"rx_NewConnection failed to server 0x%X\n", hosts[0]); @@ -1452,29 +1427,11 @@ FindCell(char *cellName) if (code = VLDBInit(1, &p->info)) fprintf(stderr,"VLDBInit failed for cell %s\n", p->info.name); #endif - strcpy((char *)&sname.cell, (char *)&p->info.name); - sname.instance[0] = 0; - strcpy(sname.name, "afs"); - code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL); - if (code) - p->scIndex = 0; - else { - if ((ttoken.kvno >= 0) && (ttoken.kvno <= 255)) - /* this is a kerberos ticket, set scIndex accordingly */ - p->scIndex = 2; - else { - fprintf(stderr,"funny kvno (%d) in ticket, proceeding\n", - ttoken.kvno); - p->scIndex = 2; - } - p->sc[2] = (struct rx_securityClass *) - rxkad_NewClientSecurityObject(rxkad_clear, &ttoken.sessionKey, - ttoken.kvno, ttoken.ticketLen, - ttoken.ticket); - } - if (p->scIndex == 0) - p->sc[0] = (struct rx_securityClass *) - rxnull_NewClientSecurityObject(); + code = afsconf_ClientAuthToken(&p->info, 0, &p->sc, &p->scIndex); + if (code) { + p->scIndex = 0; + p->sc = rxnull_NewClientSecurityObject(); + } } if (p) diff --git a/src/viced/fsprobe.c b/src/viced/fsprobe.c index ec9193186..ff2f5ee07 100644 --- a/src/viced/fsprobe.c +++ b/src/viced/fsprobe.c @@ -39,23 +39,7 @@ pxclient_Initialize(int auth, afs_int32 serverAddr) } scIndex = 0; rx_SetRxDeadTime(50); - switch (scIndex) { - case 0: - sc = rxnull_NewClientSecurityObject(); - break; - -#ifdef notdef /* security */ - case 1: - sc = rxvab_NewClientSecurityObject(&ttoken.sessionKey, ttoken.ticket, - 0); - break; - - case 2: - sc = rxkad_NewClientSecurityObject(rxkad_clear, &ttoken.sessionKey, - ttoken.kvno, ttoken.ticketLen, - ttoken.ticket); -#endif /* notdef */ - } + sc = rxnull_NewClientSecurityObject(); serverconns[0] = rx_NewConnection(serverAddr, htons(7000), 1, sc, scIndex); diff --git a/src/viced/host.c b/src/viced/host.c index 6395925f9..89efeb72c 100644 --- a/src/viced/host.c +++ b/src/viced/host.c @@ -266,9 +266,8 @@ hpr_Initialize(struct ubik_client **uclient) { afs_int32 code; struct rx_connection *serverconns[MAXSERVERS]; - struct rx_securityClass *sc[3]; + struct rx_securityClass *sc; struct afsconf_dir *tdir; - struct ktc_token ttoken; afs_int32 scIndex; struct afsconf_cell info; afs_int32 i; @@ -302,55 +301,29 @@ hpr_Initialize(struct ubik_client **uclient) return code; } - scIndex = 2; - sc[0] = 0; - sc[1] = 0; - sc[2] = 0; /* Most callers use secLevel==1, however, the fileserver uses secLevel==2 * to force use of the KeyFile. secLevel == 0 implies -noauth was * specified. */ if ((afsconf_GetLatestKey(tdir, 0, 0) == 0)) { - code = afsconf_ClientAuthSecure(tdir, &sc[2], &scIndex); + code = afsconf_ClientAuthSecure(tdir, &sc, &scIndex); if (code) ViceLog(0, ("hpr_Initialize: clientauthsecure returns %d %s (so trying noauth)", code, afs_error_message(code))); if (code) scIndex = 0; /* use noauth */ - if (scIndex != 2) - /* if there was a problem, an unauthenticated conn is returned */ - sc[scIndex] = sc[2]; } else { - struct ktc_principal sname; - strcpy(sname.cell, info.name); - sname.instance[0] = 0; - strcpy(sname.name, "afs"); - code = ktc_GetToken(&sname, &ttoken, sizeof(ttoken), NULL); - if (code) - scIndex = 0; - else { - if (ttoken.kvno >= 0 && ttoken.kvno <= 256) - /* this is a kerberos ticket, set scIndex accordingly */ - scIndex = 2; - else { - ViceLog(0, ("hpr_Initialize: funny kvno (%d) in ticket, proceeding", ttoken.kvno)); - scIndex = 2; - } - sc[2] = - rxkad_NewClientSecurityObject(rxkad_clear, &ttoken.sessionKey, - ttoken.kvno, ttoken.ticketLen, - ttoken.ticket); - } + afsconf_ClientAuthToken(&info, 0, &sc, &scIndex, NULL); } - if ((scIndex == 0) && (sc[0] == 0)) - sc[0] = rxnull_NewClientSecurityObject(); - if ((scIndex == 0)) + if ((scIndex == 0) && (sc == NULL)) + sc = rxnull_NewClientSecurityObject(); + if (scIndex == 0) ViceLog(0, ("hpr_Initialize: Could not get afs tokens, running unauthenticated. [%d]", code)); memset(serverconns, 0, sizeof(serverconns)); /* terminate list!!! */ for (i = 0; i < info.numServers; i++) { serverconns[i] = rx_NewConnection(info.hostAddr[i].sin_addr.s_addr, - info.hostAddr[i].sin_port, PRSRV, sc[scIndex], - scIndex); + info.hostAddr[i].sin_port, PRSRV, + sc, scIndex); } code = ubik_ClientInit(serverconns, uclient); @@ -358,7 +331,7 @@ hpr_Initialize(struct ubik_client **uclient) ViceLog(0, ("hpr_Initialize: ubik client init failed. [%d]", code)); } afsconf_Close(tdir); - code = rxs_Release(sc[scIndex]); + code = rxs_Release(sc); return code; } -- 2.39.5