From patchwork Tue Jan 8 17:30:45 2013
X-Patchwork-Submitter: Chuck Lever
X-Patchwork-Id: 210460
From: Chuck Lever
To: fedfs-utils-devel@oss.oracle.com
Date: Tue, 08 Jan 2013 12:30:45 -0500
Message-ID: <20130108173044.65331.46154.stgit@seurat.1015granger.net>
In-Reply-To: <20130108173026.65331.51229.stgit@seurat.1015granger.net>
References: <20130108173026.65331.51229.stgit@seurat.1015granger.net>
Subject: [fedfs-utils] [PATCH 3/4] libnsdb: Add nsdb_sectype()

Introduce an accessor function for the fn_sectype field. This will allow further API simplification.

Signed-off-by: Chuck Lever
---
 src/fedfsd/svc.c | 21 +++++++++++++++----
 src/include/nsdb.h | 2 ++
 src/libnsdb/nsdb.c | 13 +++++++++++-
 src/nsdbparams/show.c | 53 ++++++++++++++++++++++++++++++++-----------------
 4 files changed, 65 insertions(+), 24 deletions(-)
diff --git a/src/fedfsd/svc.c b/src/fedfsd/svc.c index e26da13..93b110b 100644 --- a/src/fedfsd/svc.c +++ b/src/fedfsd/svc.c @@ -1078,7 +1078,6 @@ static void fedfsd_svc_get_limited_nsdb_params_1(SVCXPRT *xprt) { FedFsGetLimitedNsdbParamsRes result; - struct fedfs_secdata secdata; char *hostname = NULL; unsigned short port; FedFsNsdbName args; @@ -1097,10 +1096,22 @@ fedfsd_svc_get_limited_nsdb_params_1(SVCXPRT *xprt) if (result.status != FEDFS_OK) goto out; - result.status = nsdb_lookup_nsdb(hostname, port, &host, &secdata); - if (result.status == FEDFS_OK) - result.FedFsGetLimitedNsdbParamsRes_u.secType = - (FedFsConnectionSec)secdata.type; + result.status = nsdb_lookup_nsdb(hostname, port, &host, NULL); + if (result.status != FEDFS_OK) + goto out; + + switch (nsdb_sectype(host)) { + case FEDFS_SEC_NONE: + case FEDFS_SEC_TLS: + result.status = FEDFS_OK; + result.FedFsGetLimitedNsdbParamsRes_u.secType = nsdb_sectype(host); + break; + default: + result.status = FEDFS_ERR_SVRFAULT; + xlog(L_WARNING, "Unrecognized NSDB connection security " + "type for %s:%u", hostname, port); + } + nsdb_free_nsdb(host); free(hostname); diff --git a/src/include/nsdb.h b/src/include/nsdb.h index 46f87ee..2612263 100644 --- a/src/include/nsdb.h +++ b/src/include/nsdb.h @@ -242,6 +242,8 @@ void nsdb_free_nsdb(nsdb_t host); const char *nsdb_hostname(const nsdb_t host); size_t nsdb_hostname_len(const nsdb_t host); unsigned short nsdb_port(const nsdb_t host); +FedFsConnectionSec + nsdb_sectype(const nsdb_t host); const char *nsdb_certfile(const nsdb_t host); const char *nsdb_default_binddn(const nsdb_t host); const char *nsdb_default_nce(const nsdb_t host); diff --git a/src/libnsdb/nsdb.c b/src/libnsdb/nsdb.c index dcea59e..c854995 100644 --- a/src/libnsdb/nsdb.c +++ b/src/libnsdb/nsdb.c 
@@ -292,6 +292,17 @@ unsigned short nsdb_port(const nsdb_t host) } /** + * Return nsdb_t's NSDB connection security type + * + * @param host pointer to initialized nsdb_t struct + * @return NSDB's port number + */ +FedFsConnectionSec nsdb_sectype(const nsdb_t host) +{ + return (FedFsConnectionSec)host->fn_sectype; +} + +/** * Return filename containing nsdb_t's certificate * * @param host pointer to initialized nsdb_t @@ -1568,7 +1579,7 @@ nsdb_open_nsdb(nsdb_t host, const char *binddn, const char *passwd, if (retval != FEDFS_OK) return retval; - switch (host->fn_sectype) { + switch (nsdb_sectype(host)) { case FEDFS_SEC_NONE: break; case FEDFS_SEC_TLS: diff --git a/src/nsdbparams/show.c b/src/nsdbparams/show.c index d95f61c..ee70cdc 100644 --- a/src/nsdbparams/show.c +++ b/src/nsdbparams/show.c @@ -78,6 +78,38 @@ nsdbparams_show_usage(const char *progname) } /** + * Display NSDB connection parameters for "host" + * + * @param host initialized nsdb_t + */ +static void +nsdbparams_show_display(nsdb_t host) +{ + char *c; + + printf("%s:%u:\n", nsdb_hostname(host), nsdb_port(host)); + switch (nsdb_sectype(host)) { + case FEDFS_SEC_NONE: + printf("\tconnection security: NONE\n"); + break; + case FEDFS_SEC_TLS: + printf("\tconnection security: TLS\n"); + printf("\tcertificate file: %s\n", nsdb_certfile(host)); + break; + default: + printf("\tconnection security: unrecognized\n"); + } + printf("\tfollow referrals: %s\n", + nsdb_follow_referrals(host) ? "yes" : "no"); + c = (char *)nsdb_default_binddn(host); + if (c != NULL) + printf("\tdefault bind DN: %s\n", c); + c = (char *)nsdb_default_nce(host); + if (c != NULL) + printf("\tdefault NCE: %s\n", c); +} + +/** * Show one NSDB entry in our NSDB connection parameter database * * @param progname NUL-terminated UTF-8 string containing name of this program 
@@ -89,10 +121,7 @@ int nsdbparams_show(const char *progname, int argc, char **argv) { unsigned short nsdbport = LDAP_PORT; - struct fedfs_secdata secdata = { - .type = 0, - }; - char *c, *nsdbname, *endptr; + char *nsdbname, *endptr; FedFsStatus status; unsigned long tmp; struct passwd *pw; @@ -207,23 +236,11 @@ nsdbparams_show(const char *progname, int argc, char **argv) return EXIT_FAILURE; } - status = nsdb_lookup_nsdb(nsdbname, nsdbport, &host, &secdata); + status = nsdb_lookup_nsdb(nsdbname, nsdbport, &host, NULL); switch (status) { case FEDFS_OK: - printf("%s:%u:\n", nsdbname, nsdbport); - printf("\tconnection security: %s\n", - nsdb_display_fedfsconnectionsec(secdata.type)); - printf("\tfollow referrals: %s\n", - nsdb_follow_referrals(host) ? "yes" : "no"); - c = (char *)nsdb_default_binddn(host); - if (c != NULL) - printf("\tdefault bind DN: %s\n", c); - c = (char *)nsdb_default_nce(host); - if (c != NULL) - printf("\tdefault NCE: %s\n", c); + nsdbparams_show_display(host); nsdb_free_nsdb(host); - if (secdata.type != FEDFS_SEC_NONE) - printf("secdata:\n%s\n", secdata.data); break; case FEDFS_ERR_NSDB_PARAMS: xlog(L_ERROR, "No record for %s was found", nsdbname);
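Review bot: in src/fedfsd/svc.c, fedfsd_svc_get_limited_nsdb_params_1(), the new `goto out` taken when nsdb_lookup_nsdb() fails bypasses the `nsdb_free_nsdb(host); free(hostname);` pair that the old code fell through to. The `out:` label is not in the visible context, so please confirm it sits above `free(hostname)`; if it is below, hostname leaks on each failed lookup in this RPC handler, and a separate label placed before the frees would make the cleanup path explicit. Minor: `result.status = FEDFS_OK;` in the case arm is redundant because status is already FEDFS_OK at that point, and nsdb_sectype(host) could be read once into a local instead of being called in both the switch and the assignment.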
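Review bot: the doc comment added above nsdb_sectype() in src/libnsdb/nsdb.c says `@return NSDB's port number`, which looks copied from nsdb_port(); it should describe the connection security type. Because the accessor only casts host->fn_sectype and does no range check, it would also help to state in the comment that callers must handle values other than FEDFS_SEC_NONE and FEDFS_SEC_TLS, as the switch statements added elsewhere in this patch do.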
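Review bot: in the new nsdbparams_show_display() in src/nsdbparams/show.c, the FEDFS_SEC_TLS arm passes nsdb_certfile(host) straight to printf with `%s`, while the bind DN and NCE a few lines later are NULL-checked first. Passing NULL for `%s` is undefined behaviour, so either apply the same check here or note why a TLS entry can never lack a certificate file. Style: `c` can be declared `const char *`, which removes the two `(char *)` casts that discard const from the accessor return values, and the `host` parameter can be `const nsdb_t` since the function only reads it.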
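Review bot: the nsdbparams_show() hunks in src/nsdbparams/show.c change user-visible output, which the commit message ("Introduce an accessor function") does not mention. The `secdata:\n%s\n` dump of secdata.data is removed and replaced by a certificate file path, the header line now prints nsdb_hostname(host) and nsdb_port(host) instead of the command-line nsdbname and nsdbport, and nsdb_display_fedfsconnectionsec() is replaced by hard-coded strings. Please describe these changes in the commit message, or split them into their own patch, so that anyone relying on the old output to inspect the stored certificate data knows it is gone.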