AFS
view release on metacpan or search on metacpan
[2] this step is optional
setenv AFS_SYSNAME 'AFS_system_type' # tcsh-shell
export AFS_SYSNAME 'AFS_system_type' # sh-shell
perl Makefile.PL
----> Which AFS system libraries should be used? [/usr/afsws]
make
make test
make install
make html ;#(if you want to get the HTML documentation, see also next section)
PLATFORMS
In the meantime I have only access to Linux machines. Therefore I
have tested this version of the AFS module bundle only on the Linux
platform with the following combinations
OS @sys compiler OpenAFS Perl (threaded/non-threaded)
---------------------------------------------------------------------------------
Linux 32-bit i386_linux26 gcc 1.4.10 5.10.0 non-threaded
system libraries, for a "non-threaded" Perl you have to use the
standard libraries.
To find out what type of Perl you are using, just run the command:
perl ./test_ptype
If it says
'Your Perl is 'Non-Threaded Perl'
then you need the standard system libraries and you can skip to
the next section (BUILDING & INSTALLING).
If it says
Your Perl is 'Threaded Perl'
then you need the PIC type system libraries. Unfortunately the
PIC type system libraries are not created for OpenAFS 1.4.X by
default. Therefore you have to patch your OpenAFS installation.
This is the sequence of commands to build the PIC type system libraries:
gunzip AFS-<version>.tar.gz
[2] this step is optional
setenv AFS_SYSNAME 'AFS_system_type' # tcsh-shell
export AFS_SYSNAME 'AFS_system_type' # sh-shell
perl Makefile.PL
----> Which AFS system libraries should be used? [/usr/afsws]
make
make test
make install
make html ;#(if you want to get the HTML documentation, see also next section)
PLATFORMS
In the meantime I have only access to Linux machines. Therefore I
have tested this version of the AFS module bundle only on the
Linux platform with the following combinations
OS @sys compiler OpenAFS Perl (threaded/non-threaded)
---------------------------------------------------------------------------------
Linux 64-bit amd64_linux26 gcc 1.4.11 5.10.0 non-threaded
LICENCES/COPYING view on Meta::CPAN
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
LICENCES/COPYING view on Meta::CPAN
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
LICENCES/COPYING view on Meta::CPAN
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
LICENCES/IBM-LICENCE view on Meta::CPAN
the Contribution. No hardware per se is licensed hereunder.
c) Recipient understands that although each Contributor grants the
licenses to its Contributions set forth herein, no assurances are
provided by any Contributor that the Program does not infringe the
patent or other intellectual property rights of any other entity.
Each Contributor disclaims any liability to Recipient for claims
brought by any other entity based on infringement of intellectual
property rights or otherwise. As a condition to exercising the
rights and licenses granted hereunder, each Recipient hereby
assumes sole responsibility to secure any other intellectual
property rights needed, if any. For example, if a third party
patent license is required to allow Recipient to distribute the
Program, it is Recipient's responsibility to acquire that license
before distributing the Program.
d) Each Contributor represents that to its knowledge it has sufficient
copyright rights in its Contribution, if any, to grant the
copyright license set forth in this Agreement.
3. REQUIREMENTS
LICENCES/IBM-LICENCE view on Meta::CPAN
commercial product offering should do so in a manner which does not
create potential liability for other Contributors. Therefore, if a
Contributor includes the Program in a commercial product offering,
such Contributor ("Commercial Contributor") hereby agrees to defend
and indemnify every other Contributor ("Indemnified Contributor")
against any losses, damages and costs (collectively "Losses") arising
from claims, lawsuits and other legal actions brought by a third party
against the Indemnified Contributor to the extent caused by the acts
or omissions of such Commercial Contributor in connection with its
distribution of the Program in a commercial product offering. The
obligations in this section do not apply to any claims or Losses
relating to any actual or alleged intellectual property infringement.
In order to qualify, an Indemnified Contributor must: a) promptly
notify the Commercial Contributor in writing of such claim, and b)
allow the Commercial Contributor to control, and cooperate with the
Commercial Contributor in, the defense and any related settlement
negotiations. The Indemnified Contributor may participate in any such
claim at its own expense.
For example, a Contributor might include the Program in a commercial
product offering, Product X. That Contributor is then a Commercial
Contributor. If that Commercial Contributor then makes performance
claims, or offers warranties related to Product X, those performance
claims and warranties are such Commercial Contributor's responsibility
alone. Under this section, the Commercial Contributor would have to
defend claims against the other Contributors related to those
performance claims and warranties, and if a court requires any other
Contributor to pay any damages as a result, the Commercial Contributor
must pay those damages.
5. NO WARRANTY
EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS
PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY
examples/v2/kas/examine view on Meta::CPAN
my $packed = $$entry{'misc_auth_bytes'};
my $pwexpire = (($packed >> 24) & 0xff);
my $is_locked = (($packed >> 16) & 0xff);
my $nfail = (($packed >> 8) & 0xff);
my $locktime = (($packed >> 0) & 0xff);
if (! $pwexpire) { print "\t password will never expire.\n"; }
else { print "\t password will expire: $pwexpire\n"; }
if (! $nfail) { print "\t An unlimited number of unsuccessful authentications is permitted.\n"; }
else { print "\t $nfail consecutive unsuccessful authentications are permitted.\n";
if (! $locktime) { print "\t The lock time for this user is not limited.\n"; }
else { print "\t The lock time for this user is $locktime minutes. !!! umrechnen !!!\n"; }
if (! $is_locked) { print "\t IS_LOCKED: muss noch gecheckt werden !!!\n"; }
else { print "\t IS_LOCKED: uss noch gecheckt werden !!!\n"; }
}
}
my $exp_date = $$entry{'user_expiration'};
if ($$entry{'user_expiration'} < 0) { print "\t entry never expires."; }
elsif ($$entry{'user_expiration'} < $now) { print "\t DISABLED entry at $exp_date."; }
examples/v2/kas/setfields view on Meta::CPAN
my $entry = $kas->getentry($user->name, $user->instance);
print "\n\nUser data for ", $user->name, $user->instance, ": \n";
foreach my $tp_key (sort keys %$entry) {
printf("%20s %s\n",$tp_key, $$entry{$tp_key});
}
my $flags = 1; # (1 = normal, 4 = admin)
my $expire = 925715000;# 03 May 1999 07:03
my $maxassoc = 0;
my $lifetime = 48*60*60; # unit is secs; => 48 hrs
my $pwexpire = 10; # number of days
my $pw_reuse = 2; # pwreuse allowed: [1 = yes], [2 = no], [0 = not changed]
my $nfail = 4; # (nfail - 1) tries are allowed; => 3 tries
my $locktime = 3; # unit is 8.5 min => 3 * (8.5)
$pwexpire++;
$nfail++;
$locktime++;
my $packed= (($pwexpire << 24) | ($pw_reuse << 16) | ($nfail << 8) | $locktime );
examples/v2/pts/constructor view on Meta::CPAN
#!/usr/local/bin/perl
use blib;
use strict;
use warnings;
use AFS::PTS;
use AFS::Cell qw (localcell);
my ($sec, $cell, $pts);
die "Usage: $0 [security [cell]]\n" if $#ARGV > 1;
$sec = 1 if $#ARGV == -1;
$cell = localcell if $#ARGV < 1;
$sec = shift unless $sec;
$cell = shift unless $cell;
$pts = AFS::PTS->new($sec, $cell);
if ($AFS::CODE) { print "Error Code: $AFS::CODE\n"; }
else { print "OK \n"; }
test_it($pts);
sub test_it {
my $self = shift;
$self->DESTROY;
}
examples/v2/vos/listvol view on Meta::CPAN
if ($vol =~ /volume_busy/) {
print "\t**** Volume $partlist->{$part}->{$vol}->{volid} is busy **** \n";
}
elsif ($vol =~ /volume_notok/) {
print "\t**** Could not attach volume $partlist->{$part}->{$vol}->{volid} **** \n";
}
else {
print "\t$vol:\n";
}
foreach my $key (sort keys %{$partlist->{$part}->{$vol}}) {
if ($key =~ /(Reads|Writes|>1wk|1day-1wk|1hr-1day|10min-1hr|1-10min|0-60sec)/) {
print "\t\tKey $key:\n";
foreach (sort keys %{$partlist->{$part}->{$vol}->{$key}}) {
print "\t\t\tKey: $_, Value: $partlist->{$part}->{$vol}->{$key}->{$_}\n";
}
}
elsif ($key =~ /(updateDate|creationDate)/) {
print "\t\tKey: $key, Value: ", ctime($partlist->{$part}->{$vol}->{$key}), "\n";
}
else {
print "\t\tKey: $key, Value: $partlist->{$part}->{$vol}->{$key}\n";
pod/v2/afsperlkas.pod view on Meta::CPAN
my $kas = AFS::KAS->AuthServerConn($token, &AFS::KA_MAINTENANCE_SERVICE);
my $user = AFS::KTC_PRINCIPAL->new('xyz');
my $ukey = AFS::KTC_EKEY->ReadPassword($user->name."'s Password:");
my $ok = $kas->create($user->name, $user->instance, $ukey);
my $flags = 1; # (1 = normal, 4 = admin)
my $expire = 925715000;# epoch time => 03 May 1999 07:03
my $maxassoc = 0;
my $lifetime = 48*60*60; #unit is secs; => 48 hrs
my $pwexpire = 10; #number of days
my $pw_reuse = 2; #pwreuse allowed: [ 2 = no ]
my $nfail = 4; #(nfail - 1) tries are allowed; => 3 tries
my $locktime = 3; #unit is 8.5 min => 3 * (8.5)
my $spare2 = 0;
my $packed = (($pwexpire << 24)|($pw_reuse << 16)|($nfail << 8)|$locktime);
$ok = $kas->setfields($user->name, $user->instance, $flags,
$expire, $lifetime, $maxassoc, $packed);
pod/v2/afsperlkas.pod view on Meta::CPAN
&AFS::KAFNORMAL regular user
&AFS::KAFADMIN an administrator
&AFS::KAFNOTGS not allow principal to get or use TGT
&AFS::KAFNOSEAL not allow principal as server in GetTicket
&AFS::KAFNOCPW not allow principal to change its own key
&AFS::KAFNEWASSOC allow user to create associates
EXPIRE is the epoch time after which attempts to authenticate as this user
will fail. The LIFETIME can be set to limit the lifetime of an
authentication ticket created for a user (unit is secs). MAXASSOC
defaults to -1. PACKED is an array of four bytes. It contains
PACKED[0]: password lifetime; range must be [0..254] days; 0 = infinity
PACKED[1]: password reuse; [1 = yes], [2 = no], [0 = not changed]
PACKED[2]: numb of failed logins; (fail - 1) tries are allowed; 0 = infinity
PACKED[3]: lock time, must be set in units of 8.5 minutes; 0 = infinity
This call requires a connection encrypted with an AdminTicket. It
calls the AFS system library function 'KAM_SetFields'.
pod/v2/afsperlktct.pod view on Meta::CPAN
=item B<CONSTRUCTOR>
=item S< >
=item B<$ok = AFS::KTC_TOKEN-E<gt>GetAuthToken(USER, EKEY, LIFE [, PWEXP]);>
Creates a token for the service KA_TICKET_GRANTING_SERVICE (a ticket
granting ticket, TGT) for a particular USER and saves it in the memory
(kernel token cache). EKEY contains the user's encryption key and
LIFE indicates how long the token will be valid (in seconds, given in
5 minute intervals). If PWEXP (default -1) is given it returns the
number of days till the password expires. USER must be an instance of
AFS::KTC_PRINCIPAL and EKEY an instance of AFS::KTC_EKEY. B<This
method must be performed first before you can get any service token
(method GetServerToken)>. This method calls the AFS system library
function 'ka_GetAuthToken'.
=item B<$token = AFS::KTC_TOKEN-E<gt>GetServerToken(SERVICE, LIFE [, NEWTK]);>
Returns a token for the specified SERVICE. LIFE indicates how long
the token will be valid (in seconds, given in 5 minute intervals). If
NEWTK is set to 1 (default), then the function should get a new token
if necessary. SERVICE must be an instance of AFS::KTC_PRINCIPAL. It
requires that you already possess a TGT (method GetAuthToken). It
calls the AFS system library function 'ka_GetServerToken'.
=item B<$token = AFS::KTC_TOKEN-E<gt>GetAdminToken(USER, EKEY, LIFE [, NEWTK [, REASON]]);>
Creates an administration token for the specified USER. It saves the
token in the memory (kernel token cache) and additionally it returns
the token. EKEY contains the encryption key and LIFE indicates how
long the token will be valid (in seconds, given in 5 minute
intervals). If NEWTK is set to 1 (default), then the function should
get a new token if necessary. On error the error message is returned
in REASON. USER must be an instance of AFS::KTC_PRINCIPAL and EKEY an
instance of AFS::KTC_EKEY. It calls the AFS system library function
'ka_GetAdminToken'.
=item B<$token = AFS::KTC_TOKEN-E<gt>nulltoken;>
Returns a NULL token. This token is only for use with the KAS methods
C<AuthServerConn> and C<SingleServerConn>. Do not use it with any other
pod/v2/afsperlktct.pod view on Meta::CPAN
principal USER in the memory (kernel token cache). Possible Flags are
C<AFS_SETTOK_SETPAG> and C<AFS_SETTOK_LOGON>. It calls the AFS system
library function 'ktc_SetToken'.
=item B<$ok = AFS::KTC_TOKEN-E<gt>UserAuthenticateGeneral(USER, PASSWORD, LIFE, FLAGS [, PWEXP [, REASON]]);>
Undertakes all necessary steps for a complete authentication of
principal USER. It converts the string PASSWORD (the cleartext
password) for the principal USER to an encryption key. Then it creates
a TGT token. After that it asks for a service token for service I<AFS>
with a life time of LIFE (in seconds, given in 5 minute intervals).
Finally it saves the service token in the memory (kernel token cache).
Possible values for FLAGS are C<KA_USERAUTH_VERSION> and
C<KA_USERAUTH_DOSETPAG>. If PWEXP (default -1) is given it returns the
number of days till the password expires. On error the error message
is returned in REASON. It calls the AFS system library function
'ka_UserAuthenticateGeneral'.
=item B<$ok = AFS::KTC_TOKEN-E<gt>ForgetAllTokens;>
pod/v2/afsperlpts.pod view on Meta::CPAN
=item S< >
=item B<$pts = AFS::PTS-E<gt>new(([SEC [, CELL]]);>
Creates a new object of the class AFS::PTS. An AFS::PTS object is
essentially a handle to talk to the Protection Server in a given
CELL. Internally an AFS::PTS object is a pointer to a ubik_client
structure, although this may change and the value returned from
AFS::PTS::new should always be treaded as an opaque handle.
CELL defaults to NULL. The security level SEC (default 1) is a number
from 0 to 2:
0 un-authenticated connection should be made
1 try authenticated first, fall back to un-authenticated
2 fail if an authenticated connection can't be made
=item B<DESTRUCTOR>
=item S< >
pod/v2/afsperlpts.pod view on Meta::CPAN
be set to a non-zero value and only &AFS::PR_MAXGROUPS items will be
returned. It calls the AFS system library function 'PR_GetCPS'.
=item B<$id = $pts-E<gt>id($NAME [, ANON]]);>
=item B<@id = $pts-E<gt>id(\@NAME [, ANON]]);>
=item B<$idref = $pts-E<gt>id(\%NAME [, ANON]]);>
Converts the NAME into a AFS id. The first method returns a single
id. The second method takes a reference to an array of names and
returns an array of ids. The third method takes a reference to a hash
table, the keys of which are names, and returns a reference to the
B<same hash>, with the ids as the value of each key.
If ANON is 1 (default) and a given name does not map into an id then
the value &AFS::ANONYMOUSID will be returned. If ANON is 0 then the id
will be set to undef. It calls the AFS system library function
'PR_NameToID'.
=item B<$ok = $pts-E<gt>ismember(NAME, GROUP);>
pod/v2/afsperlpts.pod view on Meta::CPAN
be set to a non-zero value and only &AFS::PR_MAXGROUPS items will be
returned. It calls the AFS system library function 'PR_ListElements'.
=item B<$name = $pts-E<gt>name(ID [, ANON]]);>
=item B<@name = $pts-E<gt>name(ID [, ANON]]);>
=item B<$nameref = $pts-E<gt>name(ID [, ANON]]);>
Converts AFS ID into a name. The first method returns a single
name. The second method takes a reference to an array of ids and
returns an array of names. The third method takes a reference to a
hash table, the keys of which are ids, and returns a reference to the
B<same hash>, with the names as the value of each key. If ANON is 1
(default) and a given id does not map into a name then the id value
will be converted to a string (i.e, 11234 => "11234").
If ANON is 0 then the name will be set to undef. It calls the AFS
system library function 'PR_IDToName'.
=item B<@members = $pts-E<gt>owned(NAME [, LOOKUP_ID [, OVER]]);>
pod/v2/afsperlvldb.pod view on Meta::CPAN
=item B<$vldb = AFS::VLDB-E<gt>new([VERBOSE [, TIMEOUT [, NOAUTH [, LOCALAUTH [, CELL [, ENCRYPT]]]]]);>
Creates a new object of the class AFS::VLDB. An AFS::VLDB object is
essentially a handle to talk to the Volume Location Server.
Internally an AFS::VLDB object is a pointer to a ubik_client
structure, although this may change and the value returned from
AFS::VLDB::new should always be treaded as an opaque handle.
Set VERBOSE (default 0) to 1 to produce on the standard output stream
a detailed trace of the method's execution. TIMEOUT is the time of
inactivity in seconds before the connection to the VLDB server is
declared dead (default 90 seconds). Set LOCALAUTH (default 0) to 1
only when issuing a command on a server machine. If NOAUTH is 1
(default 0) it establishes an unauthenticated connection to the
server, in which the servers treat the issuer as an unprivileged user.
CELL (default NULL) specifies the cell in which to run the
command. Set ENCRYPT to 1 (default 0) to encrypt the connection to the
VLDB server.
=item B<DESTRUCTOR>
=item S< >
pod/v2/afsperlvos.pod view on Meta::CPAN
=item B<$vos = AFS::VOS-E<gt>new([VERBOSE [, TIMEOUT [, NOAUTH [, LOCALAUTH [, CELL [, ENCRYPT]]]]]);>
Creates a new object of the class AFS::VOS. An AFS::VOS object is
essentially a handle to talk to the Volume Server. Internally an
AFS::VOS object is a pointer to a ubik_client structure, although this
may change and the value returned from AFS::VOS::new should always be
treaded as an opaque handle.
Set VERBOSE (default 0) to 1 to produce on the standard output stream
a detailed trace of the method's execution. TIMEOUT is the time of
inactivity in seconds before the connection to the VOS server is
declared dead (default 90 seconds). Set LOCALAUTH (default 0) to 1
only when issuing a command on a server machine. If NOAUTH is 1
(default 0) it establishes an unauthenticated connection to the
server, in which the servers treat the issuer as an unprivileged user.
CELL (default NULL) specifies the cell in which to run the
command. Set ENCRYPT to 1 (default 0) to encrypt the connection to the
VOS server.
=item B<DESTRUCTOR>
=item S< >
pod/v2/afsperlvos.pod view on Meta::CPAN
FPARTITION to the destination site TSERVER, TPARTITION. VOLUME
specifies either the complete name or volume ID number of the volume.
It returns the volume id number of the moved volume. It calls the AFS
system library function I<UV_MoveVolume>.
=item B<$ok = $vos-E<gt>offline(SERVER, PARTITION, VOLUME [, BUSY, SLEEP]);>
Takes the specified volume offline. VOLUME specifies either the
complete name or volume ID number of the volume. If you set BUSY
(default 0) to 1 the volume will be marked as I<busy> for the
specified SLEEP seconds. It calls the AFS system library function
I<UV_SetVolume>.
=item B<$ok = $vos-E<gt>online(SERVER, PARTITION, VOLUME);>
Brings the specified volume online. VOLUME specifies either the
complete name or volume ID number of the volume. It calls the AFS
system library function I<UV_SetVolume>.
=item B<$partinfo = $vos-E<gt>partinfo( SERVER [, PARTITION]);>
sprintf(buffer, "VOLSER: not all entries were successfully processed\n");
break;
default:
sprintf(buffer, "Unknown ERROR code\n");
break;
}
return 0;
}
#ifdef AFS_PTHREAD_ENV
void IOMGR_Sleep (seconds)
int seconds;
{
double i,j;
croak("DEBUG: IOMGR_Sleep not available ...\nPlease inform the author...");
j = 0.0;
i = 1.0/j;
}
void clock_UpdateTime ()
{
name++;
}
return 1; /* name is (most likely numeric) */
}
/* end of general helper functions */
/* helper functions for PTS class: */
static struct ubik_client *internal_pts_new(code, sec, cell)
int32 *code;
int32 sec;
char *cell;
{
struct rx_connection *serverconns[MAXSERVERS];
struct rx_securityClass *sc = NULL;
struct ktc_token token;
struct afsconf_cell info;
/* tpf nog 03/29/99
* caused by changes in ubikclient.c,v 2.20 1996/12/10
* and in ubikclient.c,v 2.24 1997/01/21
* struct ubik_client *client; */
struct ubik_client *client = 0;
struct ktc_principal prin;
int32 i;
*code = rx_Init(0);
if (*code) {
char buffer[256];
sprintf(buffer, "AFS::PTS: could not initialize Rx (%d)\n", *code);
BSETCODE(code, buffer);
return NULL;
}
rx_initialized = 1;
}
if (sec > 0) {
strcpy(prin.cell, info.name);
prin.instance[0] = 0;
strcpy(prin.name, "afs");
*code = ktc_GetToken(&prin, &token, sizeof(token), NULL);
if (*code) {
if (sec == 2) {
char buffer[256];
sprintf(buffer, "AFS::PTS: failed to get token for service AFS (%d)\n", *code);
BSETCODE(code, buffer);
return NULL; /* we want security or nothing */
}
sec = 0;
}
else {
sc = (struct rx_securityClass *) rxkad_NewClientSecurityObject
(rxkad_clear, &token.sessionKey, token.kvno,
token.ticketLen, token.ticket);
}
}
if (sec == 0)
sc = (struct rx_securityClass *) rxnull_NewClientSecurityObject();
else
sec = 2;
bzero(serverconns, sizeof(serverconns));
for (i = 0; i < info.numServers; i++) {
serverconns[i] = rx_NewConnection(info.hostAddr[i].sin_addr.s_addr,
info.hostAddr[i].sin_port, PRSRV, sc, sec);
}
*code = ubik_ClientInit(serverconns, &client);
if (*code) {
char buffer[256];
sprintf(buffer, "AFS::PTS: Can't initialize ubik connection to Protection server (%d)\n", *code);
BSETCODE(code, buffer);
return NULL;
}
*code = rxs_Release(sc);
n = *set++;
while (--n)
if (*set++ == c)
return (af);
return (!af);
}
/* copy taken from <src/ubik/uinit.c> OpenAFS-1.4.14.1 */
static afs_int32
internal_ugen_ClientInit(int noAuthFlag, const char *confDir, char *cellName, afs_int32 sauth,
struct ubik_client **uclientp, int (*secproc) (),
char *funcName, afs_int32 gen_rxkad_level,
afs_int32 maxservers, char *serviceid, afs_int32 deadtime,
afs_uint32 server, afs_uint32 port, afs_int32 usrvid)
{
afs_int32 code, scIndex, i;
struct afsconf_cell info;
struct afsconf_dir *tdir;
struct ktc_principal sname;
struct ktc_token ttoken;
struct rx_securityClass *sc;
/* This must change if VLDB_MAXSERVERS becomes larger than MAXSERVERS */
static struct rx_connection *serverconns[MAXSERVERS];
char cellstr[64];
if (!rx_initialized) {
/* printf("ugen DEBUG rx_Init\n"); */
code = rx_Init(0);
if (code) {
char buffer[256];
sprintf(buffer, "%s: could not initialize rx.\n", funcName);
funcName, AFSDIR_SERVER_ETC_DIRPATH);
code = -1;
VSETCODE(code, buffer);
return (code);
}
code = afsconf_ClientAuth(tdir, &sc, &scIndex); /* sets sc,scIndex */
if (code) {
afsconf_Close(tdir);
char buffer[256];
sprintf(buffer,
"%s: Could not get security object for -localAuth\n",
funcName);
VSETCODE(code, buffer);
return (code);
}
code = afsconf_GetCellInfo(tdir, tdir->cellName, serviceid, &info);
if (code) {
afsconf_Close(tdir);
char buffer[256];
sprintf(buffer,
"%s: can't find cell %s's hosts in %s/%s\n",
case 0:
sc = rxnull_NewClientSecurityObject();
break;
case 2:
sc = rxkad_NewClientSecurityObject(gen_rxkad_level,
&ttoken.sessionKey,
ttoken.kvno, ttoken.ticketLen,
ttoken.ticket);
break;
default:
sprintf(buffer, "%s: unsupported security index %d\n",
funcName, scIndex);
code = 1;
VSETCODE(code, buffer);
return (code);
break;
}
}
afsconf_Close(tdir);
if (secproc) /* tell UV module about default authentication */
(*secproc) (sc, scIndex);
if (server) {
serverconns[0] = rx_NewConnection(server, port,
usrvid, sc, scIndex);
} else {
if (info.numServers > maxservers) {
char buffer[256];
sprintf(buffer,
"%s: info.numServers=%d (> maxservers=%d)\n",
funcName, info.numServers, maxservers);
code = 1;
VSETCODE(code, buffer);
return (code);
}
}
return 0;
}
/* copy taken from <src/volser/vsutils.c> OpenAFS-1.4.14.1 */
static afs_int32
internal_vsu_ClientInit(int noAuthFlag, const char *confDir, char *cellName, afs_int32 sauth,
struct ubik_client **uclientp, int (*secproc)())
{
return internal_ugen_ClientInit(noAuthFlag, confDir, cellName, sauth, uclientp,
secproc, "internal_vsu_ClientInit", vsu_rxkad_level,
VLDB_MAXSERVERS, AFSCONF_VLDBSERVICE, 90,
0, 0, USER_SERVICE_ID);
}
/* end of helper functions for VOS && VLDB class */
/* helper functions for VOS class: */
#ifndef OpenAFS
void vsu_SetCrypt(cryptflag)
safe_hv_store(stats, "Writes", 6, newRV_inc((SV *) (stat2)), 0);
safe_hv_store(stat3, "fileSameAuthor", 12,
newSViv(a_xInfoP->stat_fileSameAuthor[VOLINT_STATS_TIME_IDX_0]), 0);
safe_hv_store(stat3, "fileDiffAuthor", 12,
newSViv(a_xInfoP->stat_fileDiffAuthor[VOLINT_STATS_TIME_IDX_0]), 0);
safe_hv_store(stat3, "dirSameAuthor", 11,
newSViv(a_xInfoP->stat_dirSameAuthor[VOLINT_STATS_TIME_IDX_0]), 0);
safe_hv_store(stat3, "dirDiffAuthor", 11,
newSViv(a_xInfoP->stat_dirDiffAuthor[VOLINT_STATS_TIME_IDX_0]), 0);
safe_hv_store(stats, "0-60sec", 7, newRV_inc((SV *) (stat3)), 0);
safe_hv_store(stat4, "fileSameAuthor", 12,
newSViv(a_xInfoP->stat_fileSameAuthor[VOLINT_STATS_TIME_IDX_1]), 0);
safe_hv_store(stat4, "fileDiffAuthor", 12,
newSViv(a_xInfoP->stat_fileDiffAuthor[VOLINT_STATS_TIME_IDX_1]), 0);
safe_hv_store(stat4, "dirSameAuthor", 11,
newSViv(a_xInfoP->stat_dirSameAuthor[VOLINT_STATS_TIME_IDX_1]), 0);
safe_hv_store(stat4, "dirDiffAuthor", 11,
newSViv(a_xInfoP->stat_dirDiffAuthor[VOLINT_STATS_TIME_IDX_1]), 0);
safe_hv_store(stats, "1-10min", 7, newRV_inc((SV *) (stat4)), 0);
tname)
int32 *code;
char *hostname;
int localauth;
int noauth;
int aencrypt;
char *tname;
{
struct hostent *th;
register struct rx_connection *tconn;
struct rx_securityClass *sc[3];
int scIndex;
afs_int32 addr;
int encryptLevel;
struct ktc_principal sname;
struct ktc_token ttoken;
/* printf("bos DEBUG-1: %s \n", cdir); */
th = (struct hostent *) hostutil_GetHostByName(hostname);
if (!th) {
char buffer[256];
sprintf(buffer, "AFS::BOS %d (can't find cell '%s' in cell database)",
*code, (tname ? tname : "<default>"));
BSETCODE(code, buffer);
/* printf("bos DEBUG-5\n"); */
return NULL;
}
strcpy(sname.cell, info.name);
sname.instance[0] = 0;
strcpy(sname.name, "afs");
sc[0] = (struct rx_securityClass *) rxnull_NewClientSecurityObject();
sc[1] = 0;
sc[2] = (struct rx_securityClass *) NULL;
scIndex = 0;
if (!noauth) { /* not -noauth */
if (localauth) { /* -localauth */
*code = afsconf_GetLatestKey(cdir, 0, 0);
if (*code)
fprintf(stderr, "AFS::BOS %d (getting key from local KeyFile)", *code);
else {
if (aencrypt)
*code = afsconf_ClientAuthSecure(cdir, &sc[2], &scIndex);
else {
fprintf(stderr,
"AFS::BOS: funny kvno (%d) in ticket, proceeding\n",
ttoken.kvno);
}
/* kerberos tix */
if (aencrypt)
encryptLevel = rxkad_crypt;
else
encryptLevel = rxkad_clear;
sc[2] = (struct rx_securityClass *)
rxkad_NewClientSecurityObject
(encryptLevel, &ttoken.sessionKey,
ttoken.kvno, ttoken.ticketLen, ttoken.ticket);
scIndex = 2;
}
else
fprintf(stderr, "AFS::BOS %d (getting tickets)", *code);
}
if ((scIndex == 0) || (sc[scIndex] == 0)) {
fprintf(stderr, "AFS::BOS: running unauthenticated\n");
if ((crypt) && (!SvIOKp(crypt))) {
char buffer[256];
sprintf(buffer, "Flag \"crypt\" should be numeric.\n");
VSETCODE(EINVAL, buffer);
XSRETURN_UNDEF;
}
icrypt = SvIV(crypt);
/* Initialize the ubik_client connection */
rx_SetRxDeadTime(itimeout); /* timeout seconds inactivity before declared dead */
cstruct = (struct ubik_client *) 0;
if (icrypt) /* -crypt specified */
vsu_SetCrypt(1);
code = internal_vsu_ClientInit((inoauth != 0),
AFSDIR_CLIENT_ETC_DIRPATH, tcell, ilocalauth,
&cstruct, UV_SetSecurity);
if (code == 0) {
ST(0) = sv_newmortal();
int crypt
PREINIT:
int32 code = -1;
extern int verbose;
PPCODE:
{
if (tcell && (tcell[0] == '\0' || tcell[0] == '0'))
tcell = NULL;
/* Initialize the ubik_client connection */
rx_SetRxDeadTime(timeout); /* timeout seconds inactivity before declared dead */
cstruct = (struct ubik_client *) 0;
verbose = verb;
if (crypt) /* -crypt specified */
vsu_SetCrypt(1);
code = internal_vsu_ClientInit((noauth != 0),
AFSDIR_CLIENT_ETC_DIRPATH, tcell, localauth,
&cstruct, UV_SetSecurity);
if (code == 0) {
ST(0) = sv_newmortal();
sv_setref_pv(ST(0), "AFS::VLDB", (void *) cstruct);
}
else {
safe_hv_store(key, "keyCheckSum", 11, newSVuv(keyInfo.keyCheckSum), 0);
}
}
sprintf(index, "%d", kvno);
safe_hv_store(list, index, strlen(index), newRV_inc((SV *) (key)), 0);
} /* for loop */
if (everWorked) {
/* fprintf(stderr, "Keys last changed on %d.\n", keyInfo.mod_sec); */
EXTEND(sp, 2);
PUSHs(sv_2mortal(newSViv(keyInfo.mod_sec)));
PUSHs(newRV_inc((SV *) (list)));
}
if (code != BZDOM) {
char buffer[256];
sprintf(buffer, "AFS::BOS: %s error encountered while listing keys\n", em(code));
BSETCODE(code, buffer);
}
else {
code = 0;
}
done:
RETVAL = (code == 0);
}
OUTPUT:
RETVAL
MODULE = AFS PACKAGE = AFS::PTS PREFIX = pts_
AFS::PTS
pts__new(class=0, sec=1, cell=0)
char * class
int32 sec
char * cell
PREINIT:
int32 code = -1;
AFS__PTS server;
PPCODE:
{
if (cell && (cell[0] == '\0' || cell[0] == '0'))
cell = NULL;
server = internal_pts_new(&code, sec, cell);
# SETCODE(code); wird tiefer gesetzt...
if (code == 0) {
ST(0) = sv_newmortal();
sv_setref_pv(ST(0), "AFS::PTS", (void *) server);
XSRETURN(1);
}
else
XSRETURN_UNDEF;
}
src/PTS/PTS.pm view on Meta::CPAN
use AFS ();
use vars qw(@ISA $VERSION);
@ISA = qw(AFS);
$VERSION = 'v2.6.4';
sub new {
# this whole construct is to please the old version from Roland
if ($_[0] =~ /AFS::PTS/) { my $class = shift; }
my $sec = shift;
my $cell = shift;
my @args = ();
push @args, $sec if defined $sec;
push @args, $cell if defined $cell;
AFS::PTS::_new('AFS::PTS', @args);
}
sub DESTROY {
my (undef, undef, undef, $subroutine) = caller(1);
if (! defined $subroutine or $subroutine !~ /eval/) { undef $_[0]; } # self->DESTROY
else { AFS::PTS::_DESTROY($_[0]); } # undef self
}
src/PTS/t/PTS.t view on Meta::CPAN
can_ok('AFS::PTS', qw(PR_WhereIsIt));
$pts->DESTROY;
ok(! defined $pts, 'pts->DESTROY');
sub leak_test {
my $cell = shift;
my $count = 0;
my $sec = 1;
while(1) {
$count++;
my $pts = AFS::PTS->new($sec, $cell);
$pts->DESTROY();
if ($count == 1210) { last; }
}
return $count;
}
src/afs_prototypes.h view on Meta::CPAN
/*
* afs_prototypes.h for AFS Perl Extension module
*
* Prototypes for OpenAFS subroutines
* picked up from the OpenAFS header files
*/
#if defined(OpenAFS_1_0) || defined(OpenAFS_1_1) || defined(OpenAFS_1_2) || defined(OpenAFS_1_3)
extern const char *error_message();
#endif
extern int UV_SetSecurity(struct rx_securityClass *, afs_int32);
extern char *hostutil_GetNameByINet();
extern struct hostent *hostutil_GetHostByName(register char *ahost);
extern char *volutil_PartitionName();
extern int afsconf_ClientAuthSecure(struct afsconf_dir *,struct rx_securityClass **, int *);
extern int afsUUID_from_string(const char *str, afsUUID * uuid);
extern int afsUUID_to_string(const afsUUID * uuid, char *str, size_t strsz);
extern int des_read_pw_string(char *, int, char *, int);
extern int Lp_GetRwIndex(struct nvldbentry *);
extern int Lp_ROMatch(afs_int32, afs_int32, struct nvldbentry *entry);
extern void MapPartIdIntoName(afs_int32 partId, char *partName);
extern void MapNetworkToHost(struct nvldbentry *old, struct nvldbentry *new);
extern void MapHostToNetwork(struct nvldbentry *entry);
extern int pioctl(char *,int, struct ViceIoctl *, int);
extern int PrintError(char *msg, afs_int32 errcode);
src/ppport.h view on Meta::CPAN
macro. Just C<#define> the macro before including C<ppport.h>:
#define DPPP_NAMESPACE MyOwnNamespace_
#include "ppport.h"
The default namespace is C<DPPP_>.
=back
The good thing is that most of the above can be checked by running
F<ppport.h> on your source code. See the next section for
details.
=head1 EXAMPLES
To verify whether F<ppport.h> is needed for your module, whether you
should make any changes to your code, and whether any special defines
should be used, F<ppport.h> can be run as a Perl script to check your
source code. Simply say:
perl ppport.h
src/ppport.h view on Meta::CPAN
Zero|||
_aMY_CXT|5.007003||p
_add_range_to_invlist|||
_append_range_to_invlist|||
_core_swash_init|||
_get_swash_invlist|||
_invlist_array_init|||
_invlist_contains_cp|||
_invlist_contents|||
_invlist_dump|||
_invlist_intersection_maybe_complement_2nd|||
_invlist_intersection|||
_invlist_invert_prop|||
_invlist_invert|||
_invlist_len|||
_invlist_populate_swatch|||
_invlist_search|||
_invlist_subtract|||
_invlist_union_maybe_complement_2nd|||
_invlist_union|||
_is_uni_FOO||5.017008|
_is_uni_perl_idcont||5.017008|
src/ppport.h view on Meta::CPAN
* data from C. All statics in extensions should be reworked to use
* this, if you want to make the extension thread-safe. See ext/re/re.xs
* for an example of the use of these macros.
*
* Code that uses these macros is responsible for the following:
* 1. #define MY_CXT_KEY to a unique string, e.g. "DynaLoader_guts"
* 2. Declare a typedef named my_cxt_t that is a structure that contains
* all the data that needs to be interpreter-local.
* 3. Use the START_MY_CXT macro after the declaration of my_cxt_t.
* 4. Use the MY_CXT_INIT macro such that it is called exactly once
* (typically put in the BOOT: section).
* 5. Use the members of the my_cxt_t structure everywhere as
* MY_CXT.member.
* 6. Use the dMY_CXT macro (a declaration) in all the functions that
* access MY_CXT.
*/
#if defined(MULTIPLICITY) || defined(PERL_OBJECT) || \
defined(PERL_CAPI) || defined(PERL_IMPLICIT_CONTEXT)
#ifndef START_MY_CXT
src/t/AFS.t view on Meta::CPAN
use_ok('AFS', qw (
error_message constant
)
);
}
sub foo { return &AFS::KA_USERAUTH_DOSETPAG }
# test error_message
is(error_message(&AFS::PRNOMORE), 'may not create more groups', 'Return Code AFS::PRNOMORE');
is(error_message(180502), 'too many Ubik security objects outstanding', 'Return Code 180502');
# test subroutine returning a constant
is(foo(42,17), 65536, 'Sub Foo returns constant (2 args)');
is(foo(42), 65536, 'Sub Foo returns constant (1 arg)');
is(foo(), 65536, 'Sub Foo returns constant (no args)');
# test constant
is(constant('PRIDEXIST'), 267265, 'Constant PRIDEXIST');
is(constant('PRIDEXIST', 2), 267265, 'Constant PRIDEXIST with argument');
isnt(constant('zzz'), 267265, 'Unknown Constant zzz');
( run in 1.649 second using v1.01-cache-2.11-cpan-39bf76dae61 )