[SCM] Samba Shared Repository - branch v3-3-test updated -
release-3-2-0pre2-3266-gc633f10
Jeremy Allison
jra at samba.org
Thu Jul 17 00:28:13 GMT 2008
The branch, v3-3-test has been updated
via c633f10d9e78327664e6bca51f66756bcf0505a6 (commit)
from 654f8de8497aff29f9b1f1822b6a8e734ff329e0 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -----------------------------------------------------------------
commit c633f10d9e78327664e6bca51f66756bcf0505a6
Author: Jeremy Allison <jra at samba.org>
Date: Wed Jul 16 17:27:05 2008 -0700
This patchset comprises a number of cleanups for the cifs upcall
binary. The biggest change is that it renames it from cifs.spnego
to cifs.upcall since the cifs.spnego name really isn't applicable
anymore.
It also fixes a segfault when the program is run without any args
and adds a manpage. Comments and/or suggestions appreciated.
This set should apply cleanly to the 3.3 test branch.
Signed-off-by: Jeff Layton <jlayton at redhat.com>
Jeremy.
-----------------------------------------------------------------------
Summary of changes:
docs-xml/manpages-3/cifs.upcall.8.xml | 115 ++++++++++++++++++++++++
source/Makefile.in | 20 ++--
source/client/{cifs.spnego.c => cifs.upcall.c} | 31 ++++---
source/configure.in | 32 ++++----
4 files changed, 161 insertions(+), 37 deletions(-)
create mode 100644 docs-xml/manpages-3/cifs.upcall.8.xml
rename source/client/{cifs.spnego.c => cifs.upcall.c} (94%)
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages-3/cifs.upcall.8.xml b/docs-xml/manpages-3/cifs.upcall.8.xml
new file mode 100644
index 0000000..8df776b
--- /dev/null
+++ b/docs-xml/manpages-3/cifs.upcall.8.xml
@@ -0,0 +1,115 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
+<refentry id="cifs.upcall.8">
+
+
+<refmeta>
+ <refentrytitle>cifs.upcall</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="source">Samba</refmiscinfo>
+ <refmiscinfo class="manual">System Administration tools</refmiscinfo>
+ <refmiscinfo class="version">3.2</refmiscinfo>
+</refmeta>
+
+<refnamediv>
+ <refname>cifs.upcall</refname>
+ <refpurpose>Userspace upcall helper for Common Internet File System (CIFS)</refpurpose>
+</refnamediv>
+
+<refsynopsisdiv>
+ <cmdsynopsis>
+ <command>cifs.upcall</command>
+ <arg choice="opt">-c</arg>
+ <arg choice="opt">-v</arg>
+ <arg choice="req">keyid</arg>
+ </cmdsynopsis>
+</refsynopsisdiv>
+
+
+<refsect1>
+ <title>DESCRIPTION</title>
+
+ <para>This tool is part of the <citerefentry><refentrytitle>samba</refentrytitle>
+ <manvolnum>7</manvolnum></citerefentry> suite.</para>
+
+<para>cifs.upcall is a userspace helper program for the linux CIFS client
+filesystem. There are a number of activities that the kernel cannot easily
+do itself. This program is a callout program that does these things for the
+kernel and then returns the result.</para>
+
+<para>cifs.upcall is generally intended to be run when the kernel calls
+request-key<manvolnum>8</manvolnum> for a particular key type. While it
+can be run directly from the command-line, it's not generally intended
+to be run that way.</para>
+</refsect1>
+
+<refsect1>
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>-c</term>
+ <listitem><para>When handling a kerberos upcall, use a service principal that starts with "cifs/". The default is to use the "host/" service principal.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-v</term>
+ <listitem><para>Print version number and exit.
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+</refsect1>
+
+<refsect1>
+ <title>CONFIGURATION FOR KEYCTL</title>
+ <para>cifs.upcall is designed to be called from the kernel via the request-key callout program. This requres that request-key be told where and how to call this program. The current cifs.upcall program handles two different key types:</para>
+
+ <variablelist>
+ <varlistentry>
+ <term>cifs.spnego</term>
+ <listitem><para>This keytype is for retrieving kerberos session keys
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>cifs.resolve</term>
+ <listitem><para>This key type is for resolving hostnames into IP addresses
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>To make this program useful for CIFS, you'll need to set up entries for them in request-key.conf<manvolnum>5</manvolnum>. Here's an example of an entry for each key type:</para>
+<programlisting>
+#OPERATION TYPE D C PROGRAM ARG1 ARG2...
+#========= ============= = = ==========================================
+create cifs.spnego * * /usr/local/sbin/cifs.upcall -c %k
+create cifs.resolver * * /usr/local/sbin/cifs.upcall %k
+</programlisting>
+<para>
+See <citerefentry><refentrytitle>request-key.conf<manvolnum>5</manvolnum></refentrytitle></citerefentry> for more info on each field.
+</para>
+</refsect1>
+
+<refsect1>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry><refentrytitle>request-key.conf</refentrytitle>
+ <manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>mount.cifs</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry>
+ </para>
+</refsect1>
+
+<refsect1>
+ <title>AUTHOR</title>
+
+ <para>Igor Mammedov wrote the cifs.upcall program.</para>
+ <para>Jeff Layton authored this manpage.</para>
+ <para>The maintainer of the Linux CIFS VFS is Steve French.</para>
+ <para>The <ulink url="mailto:linux-cifs-client at lists.samba.org">Linux
+ CIFS Mailing list</ulink> is the preferred place to ask
+ questions regarding these programs.
+ </para>
+</refsect1>
+
+</refentry>
diff --git a/source/Makefile.in b/source/Makefile.in
index cd70183..85837a8 100644
--- a/source/Makefile.in
+++ b/source/Makefile.in
@@ -178,7 +178,7 @@ PATH_FLAGS = -DSMB_PASSWD_FILE=\"$(SMB_PASSWD_FILE)\" \
SBIN_PROGS = bin/smbd at EXEEXT@ bin/nmbd at EXEEXT@ @SWAT_SBIN_TARGETS@ @EXTRA_SBIN_PROGS@
-ROOT_SBIN_PROGS = @CIFSMOUNT_PROGS@ @CIFSSPNEGO_PROGS@
+ROOT_SBIN_PROGS = @CIFSMOUNT_PROGS@ @CIFSUPCALL_PROGS@
BIN_PROGS1 = bin/smbclient at EXEEXT@ bin/net at EXEEXT@ bin/smbspool at EXEEXT@ \
bin/testparm at EXEEXT@ bin/smbstatus at EXEEXT@ bin/smbget at EXEEXT@
@@ -878,7 +878,7 @@ CIFS_MOUNT_OBJ = client/mount.cifs.o
CIFS_UMOUNT_OBJ = client/umount.cifs.o
-CIFS_SPNEGO_OBJ = client/cifs.spnego.o
+CIFS_UPCALL_OBJ = client/cifs.upcall.o
NMBLOOKUP_OBJ = utils/nmblookup.o $(PARAM_OBJ) $(LIBNMB_OBJ) \
$(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) $(LIBSAMBA_OBJ)
@@ -1340,9 +1340,9 @@ bin/umount.cifs at EXEEXT@: $(BINARY_PREREQS) $(CIFS_UMOUNT_OBJ) @BUILD_POPT@
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(CIFS_UMOUNT_OBJ) $(DYNEXP) $(LDFLAGS) $(POPT_LIBS)
-bin/cifs.spnego at EXEEXT@: $(BINARY_PREREQS) $(CIFS_SPNEGO_OBJ) $(LIBSMBCLIENT_OBJ1) @BUILD_POPT@ @LIBTALLOC_SHARED@ @LIBTDB_SHARED@ @LIBWBCLIENT_SHARED@
+bin/cifs.upcall at EXEEXT@: $(BINARY_PREREQS) $(CIFS_UPCALL_OBJ) $(LIBSMBCLIENT_OBJ1) @BUILD_POPT@ @LIBTALLOC_SHARED@ @LIBTDB_SHARED@ @LIBWBCLIENT_SHARED@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(CIFS_SPNEGO_OBJ) $(DYNEXP) $(LDFLAGS) \
+ @$(CC) $(FLAGS) -o $@ $(CIFS_UPCALL_OBJ) $(DYNEXP) $(LDFLAGS) \
-lkeyutils $(LIBS) $(LIBSMBCLIENT_OBJ1) $(KRB5LIBS) \
$(LDAP_LIBS) $(POPT_LIBS) $(LIBTALLOC_LIBS) $(WINBIND_LIBS) \
$(LIBTDB_LIBS)
@@ -2449,7 +2449,7 @@ bin/rpc_open_tcp at EXEEXT@: $(BINARY_PREREQS) $(RPC_OPEN_TCP_OBJ) @LIBTALLOC_SHARE
$(LIBS) $(LIBTALLOC_LIBS) @LIBTDB_SHARED@ $(WINBIND_LIBS) \
$(LDAP_LIBS) $(KRB5LIBS) $(NSCD_LIBS)
-install:: installservers installbin @INSTALL_CIFSMOUNT@ @INSTALL_CIFSSPNEGO@ installman \
+install:: installservers installbin @INSTALL_CIFSMOUNT@ @INSTALL_CIFSUPCALL@ installman \
installscripts installdat installmodules @SWAT_INSTALL_TARGETS@ \
@INSTALL_PAM_MODULES@ installlibs
@@ -2476,9 +2476,9 @@ installcifsmount:: @CIFSMOUNT_PROGS@
@$(SHELL) $(srcdir)/script/installdirs.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(ROOTSBINDIR)
@$(SHELL) script/installbin.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(ROOTSBINDIR) @CIFSMOUNT_PROGS@
-installcifsspnego:: @CIFSSPNEGO_PROGS@
+installcifsupcall:: @CIFSUPCALL_PROGS@
@$(SHELL) $(srcdir)/script/installdirs.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(ROOTSBINDIR)
- @$(SHELL) script/installbin.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(ROOTSBINDIR) @CIFSSPNEGO_PROGS@
+ @$(SHELL) script/installbin.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(ROOTSBINDIR) @CIFSUPCALL_PROGS@
# Some symlinks are required for the 'probing' of modules.
# This mechanism should go at some point..
@@ -2545,7 +2545,7 @@ showlayout::
@echo " swatdir: $(SWATDIR)"
-uninstall:: uninstallman uninstallservers uninstallbin @UNINSTALL_CIFSMOUNT@ @UNINSTALL_CIFSSPNEGO@ uninstallscripts uninstalldat uninstallswat uninstallmodules uninstalllibs @UNINSTALL_PAM_MODULES@
+uninstall:: uninstallman uninstallservers uninstallbin @UNINSTALL_CIFSMOUNT@ @UNINSTALL_CIFSUPCALL@ uninstallscripts uninstalldat uninstallswat uninstallmodules uninstalllibs @UNINSTALL_PAM_MODULES@
uninstallman::
@$(SHELL) $(srcdir)/script/uninstallman.sh $(DESTDIR)$(MANDIR) $(srcdir) C
@@ -2559,8 +2559,8 @@ uninstallbin::
uninstallcifsmount::
@$(SHELL) script/uninstallbin.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(ROOTSBINDIR) @CIFSMOUNT_PROGS@
-uninstallcifsspnego::
- @$(SHELL) script/uninstallbin.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(ROOTSBINDIR) @CIFSSPNEGO_PROGS@
+uninstallcifsupcall::
+ @$(SHELL) script/uninstallbin.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(ROOTSBINDIR) @CIFSUPCALL_PROGS@
uninstallmodules::
@$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(VFSLIBDIR) $(VFS_MODULES)
diff --git a/source/client/cifs.spnego.c b/source/client/cifs.upcall.c
similarity index 94%
rename from source/client/cifs.spnego.c
rename to source/client/cifs.upcall.c
index d10d19d..3860f33 100644
--- a/source/client/cifs.spnego.c
+++ b/source/client/cifs.upcall.c
@@ -1,5 +1,5 @@
/*
-* CIFS SPNEGO user-space helper.
+* CIFS user-space helper.
* Copyright (C) Igor Mammedov (niallain at gmail.com) 2007
*
* Used by /sbin/request-key for handling
@@ -8,8 +8,8 @@
* You should have keyutils installed and add following line to
* /etc/request-key.conf file
-create cifs.spnego * * /usr/local/sbin/cifs.spnego [-v][-c] %k
-create cifs.resolver * * /usr/local/sbin/cifs.spnego [-v] %k
+create cifs.spnego * * /usr/local/sbin/cifs.upcall [-v][-c] %k
+create cifs.resolver * * /usr/local/sbin/cifs.upcall [-v] %k
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -30,7 +30,7 @@ create cifs.resolver * * /usr/local/sbin/cifs.spnego [-v] %k
#include "cifs_spnego.h"
const char *CIFSSPNEGO_VERSION = "1.1";
-static const char *prog = "cifs.spnego";
+static const char *prog = "cifs.upcall";
typedef enum _secType {
KRB5,
MS_KRB5
@@ -200,6 +200,13 @@ int cifs_resolver(const key_serial_t key, const char *key_descr)
return 0;
}
+void
+usage(const char *prog)
+{
+ syslog(LOG_WARNING, "Usage: %s [-c] [-v] key_serial", prog);
+ fprintf(stderr, "Usage: %s [-c] [-v] key_serial\n", prog);
+}
+
int main(const int argc, char *const argv[])
{
struct cifs_spnego_msg *keydata = NULL;
@@ -215,10 +222,6 @@ int main(const int argc, char *const argv[])
char *buf, *hostname = NULL;
openlog(prog, 0, LOG_DAEMON);
- if (argc < 1) {
- syslog(LOG_WARNING, "Usage: %s [-c] key_serial", prog);
- goto out;
- }
while ((c = getopt(argc, argv, "cv")) != -1) {
switch (c) {
@@ -227,9 +230,8 @@ int main(const int argc, char *const argv[])
break;
}
case 'v':{
- syslog(LOG_WARNING, "version: %s", CIFSSPNEGO_VERSION);
- fprintf(stderr, "version: %s", CIFSSPNEGO_VERSION);
- break;
+ printf("version: %s\n", CIFSSPNEGO_VERSION);
+ goto out;
}
default:{
syslog(LOG_WARNING, "unknow option: %c", c);
@@ -237,6 +239,13 @@ int main(const int argc, char *const argv[])
}
}
}
+
+ /* is there a key? */
+ if (argc <= optind) {
+ usage(prog);
+ goto out;
+ }
+
/* get key and keyring values */
errno = 0;
key = strtol(argv[optind], NULL, 10);
diff --git a/source/configure.in b/source/configure.in
index 2ae5e35..cb0e37e 100644
--- a/source/configure.in
+++ b/source/configure.in
@@ -109,9 +109,9 @@ AC_SUBST(EXTRA_BIN_PROGS)
AC_SUBST(CIFSMOUNT_PROGS)
AC_SUBST(INSTALL_CIFSMOUNT)
AC_SUBST(UNINSTALL_CIFSMOUNT)
-AC_SUBST(CIFSSPNEGO_PROGS)
-AC_SUBST(INSTALL_CIFSSPNEGO)
-AC_SUBST(UNINSTALL_CIFSSPNEGO)
+AC_SUBST(CIFSUPCALL_PROGS)
+AC_SUBST(INSTALL_CIFSUPCALL)
+AC_SUBST(UNINSTALL_CIFSUPCALL)
AC_SUBST(EXTRA_SBIN_PROGS)
AC_SUBST(EXTRA_ALL_TARGETS)
AC_SUBST(CONFIG_LIBS)
@@ -4035,14 +4035,14 @@ AC_ARG_WITH(cifsmount,
)
#################################################
-# check for cifs.spnego support
+# check for cifs.upcall support
AC_CHECK_HEADERS([keyutils.h], [HAVE_KEYUTILS_H=1], [HAVE_KEYUTILS_H=0])
-CIFSSPNEGO_PROGS=""
-INSTALL_CIFSSPNEGO=""
-UNINSTALL_CIFSSPNEGO=""
-AC_MSG_CHECKING(whether to build cifs.spnego)
-AC_ARG_WITH(cifsspnego,
-[AS_HELP_STRING([--with-cifsspnego], [Include cifs.spnego (Linux only) support (default=no)])],
+CIFSUPCALL_PROGS=""
+INSTALL_CIFSUPCALL=""
+UNINSTALL_CIFSUPCALL=""
+AC_MSG_CHECKING(whether to build cifs.upcall)
+AC_ARG_WITH(cifsupcall,
+[AS_HELP_STRING([--with-cifsupcall], [Include cifs.upcall (Linux only) support (default=no)])],
[ case "$withval" in
no)
AC_MSG_RESULT(no)
@@ -4051,15 +4051,15 @@ AC_ARG_WITH(cifsspnego,
case "$host_os" in
*linux*)
if test x"$use_ads" != x"yes"; then
- AC_MSG_ERROR(ADS support should be enabled for building cifs.spnego)
+ AC_MSG_ERROR(ADS support should be enabled for building cifs.upcall)
elif test x"$HAVE_KEYUTILS_H" != "x1"; then
- AC_MSG_ERROR(keyutils package is required for cifs.spnego)
+ AC_MSG_ERROR(keyutils package is required for cifs.upcall)
else
AC_MSG_RESULT(yes)
- AC_DEFINE(WITH_CIFSSPNEGO,1,[whether to build cifs.spnego])
- CIFSSPNEGO_PROGS="bin/cifs.spnego"
- INSTALL_CIFSSPNEGO="installcifsspnego"
- UNINSTALL_CIFSSPNEGO="uninstallcifsspnego"
+ AC_DEFINE(WITH_CIFSUPCALL,1,[whether to build cifs.upcall])
+ CIFSUPCALL_PROGS="bin/cifs.upcall"
+ INSTALL_CIFSUPCALL="installcifsupcall"
+ UNINSTALL_CIFSUPCALL="uninstallcifsupcall"
fi
;;
*)
--
Samba Shared Repository
More information about the samba-cvs
mailing list