#include <krb5.h>
#include <stropts.h>
+
+#include <afs/param.h>
+
#include <afs/venus.h>
#include <afs/auth.h>
#include <afs/dirpath.h>
#define TKT_LIFE ( 12 * 60 * 60 )
#define SLEEP_TIME ( TKT_LIFE - 5*60 )
-#define WAKLOG_ON 1
-#define WAKLOG_OFF 2
-#define WAKLOG_UNSET 0
+#define WAKLOG_UNSET -1
#ifdef WAKLOG_DEBUG
#undef APLOG_DEBUG
strncat(buf, "/", sizeof(buf) - strlen(buf) - 1);
strncat(buf, cfg->afs_cell, sizeof(buf) - strlen(buf) - 1);
}
- if (cfg->afs_cell_realm != WAKLOG_UNSET) {
+ if (cfg->afs_cell_realm != NULL) {
strncat(buf, "@", sizeof(buf) - strlen(buf) - 1);
strncat(buf, cfg->afs_cell_realm, sizeof(buf) - strlen(buf) - 1);
}
}
+int get_cfg_usertokens(waklog_config *cfg)
+{
+ if (cfg->usertokens==WAKLOG_UNSET)
+ return 0; /* default */
+ return cfg->usertokens;
+}
+
+int get_cfg_protect(waklog_config *cfg)
+{
+ if (cfg->protect==WAKLOG_UNSET)
+ return 0; /* default */
+ return cfg->protect;
+}
+
+int get_cfg_disable_token_cache(waklog_config *cfg)
+{
+ if (cfg->disable_token_cache==WAKLOG_UNSET)
+ return 0; /* default */
+ return cfg->disable_token_cache;
+}
+
static void *
waklog_create_server_config (MK_POOL * p, server_rec * s)
cfg->protect = WAKLOG_UNSET;
cfg->usertokens = WAKLOG_UNSET;
cfg->disable_token_cache = WAKLOG_UNSET;
- cfg->keytab = WAKLOG_UNSET;
- cfg->principal = WAKLOG_UNSET;
- cfg->default_principal = WAKLOG_UNSET;
- cfg->default_keytab = WAKLOG_UNSET;
- cfg->afs_cell = WAKLOG_UNSET;
- cfg->afs_cell_realm = WAKLOG_UNSET;
+ cfg->keytab = NULL;
+ cfg->principal = NULL;
+ cfg->default_principal = NULL;
+ cfg->default_keytab = NULL;
+ cfg->afs_cell = NULL;
+ cfg->afs_cell_realm = NULL;
cfg->forked = 0;
cfg->configured = 0;
cfg->protect = WAKLOG_UNSET;
cfg->usertokens = WAKLOG_UNSET;
cfg->disable_token_cache = WAKLOG_UNSET;
- cfg->keytab = WAKLOG_UNSET;
- cfg->principal = WAKLOG_UNSET;
- cfg->default_principal = WAKLOG_UNSET;
- cfg->default_keytab = WAKLOG_UNSET;
- cfg->afs_cell = WAKLOG_UNSET;
- cfg->afs_cell_realm = WAKLOG_UNSET;
+ cfg->keytab = NULL;
+ cfg->principal = NULL;
+ cfg->default_principal = NULL;
+ cfg->default_keytab = NULL;
+ cfg->afs_cell = NULL;
+ cfg->afs_cell_realm = NULL;
cfg->forked = 0;
cfg->configured = 0;
merged->protect = child->protect != WAKLOG_UNSET ? child->protect : parent->protect;
- merged->path = child->path != WAKLOG_UNSET ? child->path : parent->path;
+ merged->path = child->path != NULL ? child->path : parent->path;
merged->usertokens = child->usertokens != WAKLOG_UNSET ? child->usertokens : parent->usertokens;
merged->disable_token_cache = child->disable_token_cache != WAKLOG_UNSET ? child->disable_token_cache : parent->disable_token_cache;
- merged->principal = child->principal != WAKLOG_UNSET ? child->principal : parent->principal;
+ merged->principal = child->principal != NULL ? child->principal : parent->principal;
- merged->keytab = child->keytab != WAKLOG_UNSET ? child->keytab : parent->keytab;
+ merged->keytab = child->keytab != NULL ? child->keytab : parent->keytab;
- merged->default_keytab = child->default_keytab != WAKLOG_UNSET ? child->default_keytab : parent->default_keytab;
+ merged->default_keytab = child->default_keytab != NULL ? child->default_keytab : parent->default_keytab;
- merged->default_principal = child->default_principal != WAKLOG_UNSET ? child->default_principal : parent->default_principal;
+ merged->default_principal = child->default_principal != NULL ? child->default_principal : parent->default_principal;
- merged->afs_cell = child->afs_cell != WAKLOG_UNSET ? child->afs_cell : parent->afs_cell;
+ merged->afs_cell = child->afs_cell != NULL ? child->afs_cell : parent->afs_cell;
- merged->afs_cell_realm = child->afs_cell_realm != WAKLOG_UNSET ? child->afs_cell_realm : parent->afs_cell_realm;
+ merged->afs_cell_realm = child->afs_cell_realm != NULL ? child->afs_cell_realm : parent->afs_cell_realm;
return (void *) merged;
merged->disable_token_cache = nconf->disable_token_cache == WAKLOG_UNSET ? pconf->disable_token_cache : nconf->disable_token_cache;
- merged->keytab = nconf->keytab == WAKLOG_UNSET ? ap_pstrdup(p, pconf->keytab) :
- ( nconf->keytab == WAKLOG_UNSET ? WAKLOG_UNSET : ap_pstrdup(p, pconf->keytab) );
+ merged->keytab = nconf->keytab == NULL ? ap_pstrdup(p, pconf->keytab) :
+ ( nconf->keytab == NULL ? NULL : ap_pstrdup(p, nconf->keytab) );
- merged->principal = nconf->principal == WAKLOG_UNSET ? ap_pstrdup(p, pconf->principal) :
- ( nconf->principal == WAKLOG_UNSET ? WAKLOG_UNSET : ap_pstrdup(p, pconf->principal) );
+ merged->principal = nconf->principal == NULL ? ap_pstrdup(p, pconf->principal) :
+ ( nconf->principal == NULL ? NULL : ap_pstrdup(p, nconf->principal) );
- merged->afs_cell = nconf->afs_cell == WAKLOG_UNSET ? ap_pstrdup(p, pconf->afs_cell) :
- ( nconf->afs_cell == WAKLOG_UNSET ? WAKLOG_UNSET : ap_pstrdup(p, pconf->afs_cell) );
+ merged->afs_cell = nconf->afs_cell == NULL ? ap_pstrdup(p, pconf->afs_cell) :
+ ( nconf->afs_cell == NULL ? NULL : ap_pstrdup(p, nconf->afs_cell) );
- merged->afs_cell_realm = nconf->afs_cell_realm == WAKLOG_UNSET ? ap_pstrdup(p, pconf->afs_cell_realm) :
- ( nconf->afs_cell_realm == WAKLOG_UNSET ? WAKLOG_UNSET : ap_pstrdup(p, pconf->afs_cell_realm) );
+ merged->afs_cell_realm = nconf->afs_cell_realm == NULL ? ap_pstrdup(p, pconf->afs_cell_realm) :
+ ( nconf->afs_cell_realm == NULL ? NULL : ap_pstrdup(p, nconf->afs_cell_realm) );
- merged->default_keytab = nconf->default_keytab == WAKLOG_UNSET ? ap_pstrdup(p, pconf->default_keytab) :
- ( nconf->default_keytab == WAKLOG_UNSET ? WAKLOG_UNSET : ap_pstrdup(p, pconf->default_keytab) );
+ merged->default_keytab = nconf->default_keytab == NULL ? ap_pstrdup(p, pconf->default_keytab) :
+ ( nconf->default_keytab == NULL ? NULL : ap_pstrdup(p, nconf->default_keytab) );
- merged->default_principal = nconf->default_principal == WAKLOG_UNSET ? ap_pstrdup(p, pconf->default_principal) :
- ( nconf->default_principal == WAKLOG_UNSET ? WAKLOG_UNSET : ap_pstrdup(p, pconf->default_principal) );
+ merged->default_principal = nconf->default_principal == NULL ? ap_pstrdup(p, pconf->default_principal) :
+ ( nconf->default_principal == NULL ? NULL : ap_pstrdup(p, nconf->default_principal) );
return (void *) merged;
log_error (APLOG_MARK, APLOG_INFO, 0, params->server,
"mod_waklog: will use afs_cell: %s", file);
- waklog_srvconfig->cell_in_principal = 0;
+ // Prefer afs/cell@REALM over afs@REALM, just like the OpenAFS tools
+ waklog_srvconfig->cell_in_principal = 1;
+
waklog_srvconfig->afs_cell = ap_pstrdup (params->pool, file);
waklog_srvconfig->configured = 1;
getModConfig (cfg, s);
- if ( cfg->default_principal != WAKLOG_UNSET ) {
+ if ( cfg->default_principal != NULL ) {
log_error(APLOG_MARK, APLOG_DEBUG, 0, s, "mod_waklog: child_init setting default user %s, %s", cfg->default_principal, cfg->default_keytab);
set_auth( s, NULL, 0, cfg->default_principal, cfg->default_keytab, 0);
}
/* mmap the region */
if ( ( sharedspace = (struct sharedspace_s *) mmap ( NULL, sizeof(struct sharedspace_s), PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0 ) ) != MAP_FAILED ) {
+ int err = 0;
log_error( APLOG_MARK, APLOG_DEBUG, 0, s, "mod_waklog: shared mmap region ok %d", sharedspace );
- close(fd);
+ err = unlink(cache_file);
+ if (err) {
+ log_error( APLOG_MARK, APLOG_ERR, 0, s, "mod_waklog: unable to delete %s due to %d", cache_file, errno);
+ } else {
+ log_error( APLOG_MARK, APLOG_DEBUG, 0, s, "mod_waklog: shared cache unlinked (will be deleted when Apache quits)");
+ }
} else {
log_error( APLOG_MARK, APLOG_DEBUG, 0, s, "mod_waklog: mmap failed %d", errno );
exit(errno);
cfg = retrieve_config(r);
- if ( cfg->protect && cfg->principal ) {
+ if ( get_cfg_protect(cfg) && cfg->principal ) {
log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, "mod_waklog: phase0 using user %s", cfg->principal);
set_auth(r->server, r, 0, cfg->principal, cfg->keytab, 0);
} else if ( cfg->default_principal ) {
cfg = retrieve_config(r);
- if ( cfg->protect && cfg->principal ) {
+ if ( get_cfg_protect(cfg) && cfg->principal ) {
log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, "mod_waklog: phase1 using user %s", cfg->principal);
set_auth(r->server, r, 0, cfg->principal, cfg->keytab, 0);
} else if ( cfg->default_principal ) {
cfg = retrieve_config(r);
- if ( cfg->protect && cfg->principal ) {
+ if ( get_cfg_protect(cfg) && cfg->principal ) {
log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, "mod_waklog: phase3 using user %s", cfg->principal);
set_auth(r->server, r, 0, cfg->principal, cfg->keytab, 0);
} else if ( cfg->default_principal ) {
cfg = retrieve_config(r);
- if ( cfg->protect && cfg->principal ) {
+ if ( get_cfg_protect(cfg) && cfg->principal ) {
log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, "mod_waklog: phase6 using user %s", cfg->principal);
set_auth(r->server, r, 0, cfg->principal, cfg->keytab, 0);
} else if ( cfg->default_principal ) {
cfg = retrieve_config (r);
- if ( cfg->protect && cfg->usertokens ) {
+ if ( get_cfg_protect(cfg) && get_cfg_usertokens(cfg) ) {
log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, "mod_waklog: phase7 using usertokens");
rc = set_auth( r->server, r, 1, NULL, NULL, 0);
- } else if ( cfg->protect && cfg->principal ) {
+ } else if ( get_cfg_protect(cfg) && cfg->principal ) {
log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, "mod_waklog: phase7 using user %s", cfg->principal);
rc = set_auth( r->server, r, 0, cfg->principal, cfg->keytab, 0);
} else if ( cfg->default_principal ) {