OpenAFS Master Repository branch, openafs-stable-1_8_x, updated. openafs-stable-1_8_9-69-g002c5a0
Gerrit Code Review
gerrit@openafs.org
Thu, 30 Mar 2023 11:24:03 -0400
The following commit has been merged in the openafs-stable-1_8_x branch:
commit 002c5a0c758aeb023c0fb2caa2247e8574fff1aa
Author: Andrew Deason <adeason@sinenomine.net>
Date: Mon Feb 10 15:57:43 2014 -0600
Move key-related warnings to common server code
Each server process can log a couple of different warnings about the
server keys found on disk:
- If afsconf_GetLatestKey() returns success (indicating a single-DES
key is present), we call LogDesWarning().
- If afsconf_CountKeys() returns 0 (indicating there are no keys at
all on disk), we log a warning that all authenticated access will
fail.
Currently, the code to do these checks and log the relevant warning is
duplicated across the startup code for nearly every server process. To
avoid this duplication, and to make sure the checks aren't
accidentally skipped for anyone, move these checks to
afsconf_BuildServerSecurityObjects, which every server process calls.
We must add an additional parameter to
afsconf_BuildServerSecurityObjects to handle the different logging
mechanism these servers use, but afsconf_BuildServerSecurityObjects is
declared in a public header (cellconfig.h), and is exported in a
public library (libafsauthent). So to avoid changing a public symbol,
introduce a new variant of the function, called
afsconf_BuildServerSecurityObjects_int. Declare this in a new internal
header, authcon.h.
We don't have easily-usable logging functions for upserver and butc,
so just don't log the warnings for those. For ubik servers, don't
update ubik_SetServerSecurityProcs to use the new function; the
initial call to afsconf_BuildServerSecurityObjects_int in the server's
startup code will cover logging the warning on startup.
Reviewed-on: https://gerrit.openafs.org/10831
Tested-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 2630e70550defc664efa0952589cf82ed3c51796)
Change-Id: Ib37b92cfccbf161d72d2db73eeaea6fd8b312961
Reviewed-on: https://gerrit.openafs.org/15316
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
src/auth/Makefile.in | 6 ++++-
src/auth/NTMakefile | 1 +
src/auth/authcon.c | 60 ++++++++++++++++++++++++++++++++++++++++---
src/auth/authcon.h | 46 +++++++++++++++++++++++++++++++++
src/auth/liboafs_auth.la.sym | 1 +
src/bozo/bosserver.c | 15 ++++++-----
src/budb/server.c | 14 +++++-----
src/butc/tcmain.c | 12 ++++-----
src/dviced/NTMakefile | 5 +++-
src/dvolser/NTMakefile | 3 +++
src/ptserver/ptserver.c | 16 ++++++------
src/tvolser/NTMakefile | 2 ++
src/update/server.c | 13 +++++-----
src/util/afsutil_prototypes.h | 1 -
src/util/liboafs_util.la.sym | 1 -
src/util/serverLog.c | 16 ------------
src/viced/NTMakefile | 5 +++-
src/viced/viced.c | 18 ++++++-------
src/vlserver/vlserver.c | 15 +++++------
src/volser/volmain.c | 15 +++++------
tests/auth/authcon-t.c | 7 ++++-
tests/common/servers.c | 7 ++++-
22 files changed, 191 insertions(+), 88 deletions(-)
--
OpenAFS Master Repository