#include <atalk/logger.h>
#include <atalk/server_ipc.h>
#include <atalk/uuid.h>
+#include <atalk/globals.h>
-#include "globals.h"
#include "auth.h"
#include "uam_auth.h"
#include "switch.h"
#include "acls.h"
#endif
-int afp_version = 11;
static int afp_version_index;
-
-uid_t uuid;
-
-#if defined( sun ) && !defined( __svr4__ ) || defined( ultrix )
-
-int *groups;
-#define GROUPS_SIZE sizeof(int)
-
-#else /* sun __svr4__ ultrix */
-
-gid_t *groups;
-#define GROUPS_SIZE sizeof(gid_t)
-#endif /* sun ultrix */
-
-int ngroups;
-
-/*
- * These numbers are scattered throughout the code.
- */
-static struct afp_versions afp_versions[] = {
- { "AFP2.2", 22 },
- { "AFPX03", 30 },
- { "AFP3.1", 31 },
- { "AFP3.2", 32 },
- { "AFP3.3", 33 }
-};
-
static struct uam_mod uam_modules = {NULL, NULL, &uam_modules, &uam_modules};
static struct uam_obj uam_login = {"", "", 0, {{NULL, NULL, NULL, NULL }}, &uam_login,
&uam_login};
void status_versions( char *data, const DSI *dsi)
{
char *start = data;
- u_int16_t status;
+ uint16_t status;
int len, num, i, count = 0;
memcpy(&status, start + AFPSTATUS_VERSOFF, sizeof(status));
void status_uams(char *data, const char *authlist)
{
char *start = data;
- u_int16_t status;
+ uint16_t status;
struct uam_obj *uams;
int len, num = 0;
if ((err == AFP_OK) || (err == AFPERR_AUTHCONT))
return err;
- obj->reply(obj->handle, err);
+ obj->reply(obj->dsi, err);
obj->exit(0);
return AFP_OK;
return( AFPERR_NOOP );
}
-static int set_auth_switch(int expired)
+static int set_auth_switch(const AFPObj *obj, int expired)
{
int i;
}
else {
afp_switch = postauth_switch;
- switch (afp_version) {
+ switch (obj->afp_version) {
case 33:
case 32:
return AFP_OK;
}
+#define GROUPSTR_BUFSIZE 1024
+static const char *print_groups(int ngroups, gid_t *groups)
+{
+ static char groupsstr[GROUPSTR_BUFSIZE];
+ int i;
+ char *s = groupsstr;
+
+ if (ngroups == 0)
+ return "-";
+
+ for (i = 0; (i < ngroups) && (s < &groupsstr[GROUPSTR_BUFSIZE]); i++) {
+ s += snprintf(s, &groupsstr[GROUPSTR_BUFSIZE] - s, " %u", groups[i]);
+ }
+
+ return groupsstr;
+}
+
static int login(AFPObj *obj, struct passwd *pwd, void (*logout)(void), int expired)
{
#ifdef ADMIN_GRP
int admin = 0;
#endif /* ADMIN_GRP */
-#if 0
- set_processname("afpd");
-#endif
-
if ( pwd->pw_uid == 0 ) { /* don't allow root login */
LOG(log_error, logtype_afpd, "login: root login denied!" );
return AFPERR_NOTAUTH;
/* Basically if the user is in the admin group, we stay root */
- if (( ngroups = getgroups( 0, NULL )) < 0 ) {
+ if ((obj->ngroups = getgroups( 0, NULL )) < 0 ) {
LOG(log_error, logtype_afpd, "login: %s getgroups: %s", pwd->pw_name, strerror(errno) );
return AFPERR_BADUAM;
}
- if ( NULL == (groups = calloc(ngroups, GROUPS_SIZE)) ) {
- LOG(log_error, logtype_afpd, "login: %s calloc: %d", ngroups);
+ if ( NULL == (obj->groups = calloc(obj->ngroups, sizeof(gid_t))) ) {
+ LOG(log_error, logtype_afpd, "login: %s calloc: %d", obj->ngroups);
return AFPERR_BADUAM;
}
- if (( ngroups = getgroups( ngroups, groups )) < 0 ) {
+ if (( obj->ngroups = getgroups(obj->ngroups, obj->groups )) < 0 ) {
LOG(log_error, logtype_afpd, "login: %s getgroups: %s", pwd->pw_name, strerror(errno) );
return AFPERR_BADUAM;
}
if (obj->options.admingid != 0) {
int i;
- for (i = 0; i < ngroups; i++) {
- if (groups[i] == obj->options.admingid) admin = 1;
+ for (i = 0; i < obj->ngroups; i++) {
+ if (obj->groups[i] == obj->options.admingid) admin = 1;
}
}
if (admin) {
}
#endif /* TRU64 */
- if (ngroups > 0) {
- #define GROUPSTR_BUFSIZE 1024
- char groupsstr[GROUPSTR_BUFSIZE];
- char *s = groupsstr;
- int j = GROUPSTR_BUFSIZE;
-
- int n = snprintf(groupsstr, GROUPSTR_BUFSIZE, "%u", groups[0]);
- j -= n;
- s += n;
-
- for (int i = 1; i < ngroups; i++) {
- n = snprintf(s, j, ", %u", groups[i]);
- if (n == j) {
- /* Buffer full */
- LOG(log_debug, logtype_afpd, "login: group string buffer overflow");
- break;
- }
- j -= n;
- s += n;
- }
- LOG(log_debug, logtype_afpd, "login: %u supplementary groups: %s", ngroups, groupsstr);
- }
+ LOG(log_debug, logtype_afpd, "login: supplementary groups: %s", print_groups(obj->ngroups, obj->groups));
/* There's probably a better way to do this, but for now, we just play root */
#ifdef ADMIN_GRP
if (admin)
- uuid = 0;
+ obj->uid = 0;
else
#endif /* ADMIN_GRP */
- uuid = pwd->pw_uid;
+ obj->uid = geteuid();
- set_auth_switch(expired);
+ set_auth_switch(obj, expired);
/* save our euid, we need it for preexec_close */
obj->uid = geteuid();
obj->logout = logout;
+ /* pam_umask or similar might have changed our umask */
+ (void)umask(obj->options.umask);
+
return( AFP_OK );
}
int afp_zzz(AFPObj *obj, char *ibuf, size_t ibuflen, char *rbuf, size_t *rbuflen)
{
uint32_t data;
- DSI *dsi = (DSI *)AFPobj->handle;
+ DSI *dsi = (DSI *)AFPobj->dsi;
*rbuflen = 0;
ibuf += 2;
char *ibuf, size_t ibuflen,
char *rbuf, size_t *rbuflen)
{
- u_int16_t type;
- u_int32_t idlen = 0;
- u_int32_t boottime;
- u_int32_t tklen, tp;
+ uint16_t type;
+ uint32_t idlen = 0;
+ uint32_t boottime;
+ uint32_t tklen, tp;
char *token;
char *p;
if (ibuflen < idlen || idlen > (90-10)) {
return AFPERR_PARAM;
}
- ipc_child_write(obj->ipc_fd, IPC_GETSESSION, idlen+8, p);
+ if (!obj->sinfo.clientid) {
+ obj->sinfo.clientid = malloc(idlen + 8);
+ memcpy(obj->sinfo.clientid, p, idlen + 8);
+ obj->sinfo.clientid_len = idlen + 8;
+ }
+ if (ipc_child_write(obj->ipc_fd, IPC_GETSESSION, idlen+8, p) != 0)
+ return AFPERR_MISC;
tklen = obj->sinfo.sessiontoken_len;
token = obj->sinfo.sessiontoken;
}
/* ---------------------- */
int afp_disconnect(AFPObj *obj, char *ibuf, size_t ibuflen _U_, char *rbuf _U_, size_t *rbuflen)
{
- DSI *dsi = (DSI *)obj->handle;
- u_int16_t type;
- u_int32_t tklen;
+ DSI *dsi = (DSI *)obj->dsi;
+ uint16_t type;
+ uint32_t tklen;
pid_t token;
int i;
setitimer(ITIMER_REAL, &none, NULL);
/* check for old session, possibly transfering session from here to there */
- if (ipc_child_write(obj->ipc_fd, IPC_DISCOLDSESSION, tklen, &token) == -1)
+ if (ipc_child_write(obj->ipc_fd, IPC_DISCOLDSESSION, tklen, &token) != 0)
goto exit;
/* write uint16_t DSI request ID */
if (writet(obj->ipc_fd, &dsi->header.dsi_requestID, 2, 0, 2) != 2) {
num = sizeof( afp_versions ) / sizeof( afp_versions[ 0 ]);
for ( i = 0; i < num; i++ ) {
if ( strncmp( ibuf, afp_versions[ i ].av_name , len ) == 0 ) {
- afp_version = afp_versions[ i ].av_number;
+ obj->afp_version = afp_versions[ i ].av_number;
afp_version_index = i;
break;
}
if ( i == num ) /* An inappropo version */
return AFPERR_BADVERS ;
- if (afp_version >= 30 && obj->proto != AFPPROTO_DSI)
- return AFPERR_BADVERS ;
-
/* FIXME Hack */
- if (afp_version >= 30 && sizeof(off_t) != 8) {
+ if (obj->afp_version >= 30 && sizeof(off_t) != 8) {
LOG(log_error, logtype_afpd, "get_version: no LARGE_FILE support recompile!" );
return AFPERR_BADVERS ;
}
size_t len;
int i;
char type;
- u_int16_t len16;
+ uint16_t len16;
char *username;
*rbuflen = 0;
int afp_logout(AFPObj *obj, char *ibuf _U_, size_t ibuflen _U_, char *rbuf _U_, size_t *rbuflen)
{
- DSI *dsi = (DSI *)(obj->handle);
+ DSI *dsi = (DSI *)(obj->dsi);
LOG(log_note, logtype_afpd, "AFP logout by %s", obj->username);
- of_close_all_forks();
- close_all_vol();
+ of_close_all_forks(obj);
+ close_all_vol(obj);
dsi->flags = DSI_AFP_LOGGED_OUT;
*rbuflen = 0;
return AFP_OK;
if ((len + 1) & 1) /* pad byte */
ibuf++;
- if ( afp_version < 30) {
+ if (obj->afp_version < 30) {
len = (unsigned char) *ibuf++;
if ( len > sizeof(username) - 1) {
return AFPERR_PARAM;
(ret == AFPERR_AUTHCONT) ? "continued" :
(ret ? "failed" : "succeeded"));
if ( ret == AFP_OK )
- set_auth_switch(0);
+ set_auth_switch(obj, 0);
return ret;
}
/* FPGetUserInfo */
int afp_getuserinfo(AFPObj *obj _U_, char *ibuf, size_t ibuflen _U_, char *rbuf, size_t *rbuflen)
{
- u_int8_t thisuser;
- u_int32_t id;
- u_int16_t bitmap;
+ uint8_t thisuser;
+ uint32_t id;
+ uint16_t bitmap;
char *bitmapp;
LOG(log_debug, logtype_afpd, "begin afp_getuserinfo:");
return -1;
strlcpy(buf, list, sizeof(buf));
- if ((p = strtok(buf, ",")) == NULL)
+ if ((p = strtok(buf, ", ")) == NULL)
return -1;
strcpy(name, path);
} else {
LOG(log_info, logtype_afpd, "uam: uam not found (status=%d)", stat(name, &st));
}
- p = strtok(NULL, ",");
+ p = strtok(NULL, ", ");
}
return 0;