/*
- gssd.c
-
- Copyright (c) 2000 The Regents of the University of Michigan.
- All rights reserved.
-
- Copyright (c) 2000 Dug Song <dugsong@UMICH.EDU>.
- Copyright (c) 2002 Andy Adamson <andros@UMICH.EDU>.
- Copyright (c) 2002 Marius Aamodt Eriksen <marius@UMICH.EDU>.
- Copyright (c) 2002 J. Bruce Fields <bfields@UMICH.EDU>.
- All rights reserved, all wrongs reversed.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions
- are met:
-
- 1. Redistributions of source code must retain the above copyright
- notice, this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
- 3. Neither the name of the University nor the names of its
- contributors may be used to endorse or promote products derived
- from this software without specific prior written permission.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-*/
+ * gssd.c
+ *
+ * Copyright (c) 2000 The Regents of the University of Michigan.
+ * All rights reserved.
+ *
+ * Copyright (c) 2000 Dug Song <dugsong@UMICH.EDU>.
+ * Copyright (c) 2002 Andy Adamson <andros@UMICH.EDU>.
+ * Copyright (c) 2002 Marius Aamodt Eriksen <marius@UMICH.EDU>.
+ * Copyright (c) 2002 J. Bruce Fields <bfields@UMICH.EDU>.
+ *
+ * Copyright (c) 2016, Intel Corporation.
+ *
+ * All rights reserved, all wrongs reversed.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
#include "config.h"
#include <fcntl.h>
#include <errno.h>
-
#include <unistd.h>
#include <err.h>
#include <stdio.h>
#include "gss_util.h"
#include "err_util.h"
#include "lsupport.h"
+#include <linux/lustre/lustre_ver.h>
+
+int null_enabled;
+int krb_enabled;
+int sk_enabled;
void
closeall(int min)
dup2(tempfd, 2);
closeall(3);
}
-
- return;
}
static void
{
/* don't exit on SIGHUP */
printerr(1, "Received SIGHUP... Ignoring.\n");
- return;
}
static void
fprintf(stderr, "-o - Service OSS\n");
fprintf(stderr, "-g - Service MGS\n");
fprintf(stderr, "-k - Enable kerberos support\n");
+#ifdef HAVE_OPENSSL_SSK
+ fprintf(stderr, "-s - Enable shared secret key support\n");
+#endif
+ fprintf(stderr, "-z - Enable gssnull support\n");
- exit(1);
+ exit(fp == stderr);
}
int
int must_srv_mds = 0, must_srv_oss = 0, must_srv_mgs = 0;
char *progname;
- while ((opt = getopt(argc, argv, "fnvmogk")) != -1) {
+ while ((opt = getopt(argc, argv, "fnvmogksz")) != -1) {
switch (opt) {
case 'f':
fg = 1;
case 'h':
usage(stdout, argv[0]);
break;
+ case 's':
+#ifdef HAVE_OPENSSL_SSK
+ sk_enabled = 1;
+#else
+ fprintf(stderr, "error: request for SSK but service "
+ "support not enabled\n");
+ usage(stderr, argv[0]);
+#endif
+ break;
+ case 'z':
+ null_enabled = 1;
+ break;
default:
usage(stderr, argv[0]);
break;
else
progname = argv[0];
+ if (!sk_enabled && !krb_enabled && !null_enabled) {
+#if LUSTRE_VERSION_CODE < OBD_OCD_VERSION(3, 0, 53, 0)
+ fprintf(stderr, "warning: no -k, -s, or -z option given, "
+ "assume -k for backward compatibility\n");
+ krb_enabled = 1;
+#else
+ fprintf(stderr, "error: need one of -k, -s, or -z options\n");
+ usage(stderr, argv[0]);
+
+#endif
+ }
initerr(progname, verbosity, fg);
/* For kerberos use gss mechanisms but ignore for sk and null */
- if (krb_enabled && gssd_check_mechs() == 0) {
+ if (krb_enabled) {
+ if (gssd_check_mechs()) {
+ printerr(0, "ERROR: problem with gssapi library\n");
+ exit(1);
+ }
if (gssd_get_local_realm()) {
printerr(0, "ERROR: Can't get Local Kerberos realm\n");
exit(1);