[fedfs-utils] [PATCH 3/4] libnsdb: Add nsdb_sectype()
Chuck Lever
chuck.lever at oracle.com
Tue Jan 8 09:30:45 PST 2013
Introduce an accessor function for the fn_sectype field. This will
allow further API simplification.
Signed-off-by: Chuck Lever <chuck.lever at oracle.com>
---
src/fedfsd/svc.c | 21 +++++++++++++++----
src/include/nsdb.h | 2 ++
src/libnsdb/nsdb.c | 13 +++++++++++-
src/nsdbparams/show.c | 53 ++++++++++++++++++++++++++++++++-----------------
4 files changed, 65 insertions(+), 24 deletions(-)
diff --git a/src/fedfsd/svc.c b/src/fedfsd/svc.c
index e26da13..93b110b 100644
--- a/src/fedfsd/svc.c
+++ b/src/fedfsd/svc.c
@@ -1078,7 +1078,6 @@ static void
fedfsd_svc_get_limited_nsdb_params_1(SVCXPRT *xprt)
{
FedFsGetLimitedNsdbParamsRes result;
- struct fedfs_secdata secdata;
char *hostname = NULL;
unsigned short port;
FedFsNsdbName args;
@@ -1097,10 +1096,22 @@ fedfsd_svc_get_limited_nsdb_params_1(SVCXPRT *xprt)
if (result.status != FEDFS_OK)
goto out;
- result.status = nsdb_lookup_nsdb(hostname, port, &host, &secdata);
- if (result.status == FEDFS_OK)
- result.FedFsGetLimitedNsdbParamsRes_u.secType =
- (FedFsConnectionSec)secdata.type;
+ result.status = nsdb_lookup_nsdb(hostname, port, &host, NULL);
+ if (result.status != FEDFS_OK)
+ goto out;
+
+ switch (nsdb_sectype(host)) {
+ case FEDFS_SEC_NONE:
+ case FEDFS_SEC_TLS:
+ result.status = FEDFS_OK;
+ result.FedFsGetLimitedNsdbParamsRes_u.secType = nsdb_sectype(host);
+ break;
+ default:
+ result.status = FEDFS_ERR_SVRFAULT;
+ xlog(L_WARNING, "Unrecognized NSDB connection security "
+ "type for %s:%u", hostname, port);
+ }
+
nsdb_free_nsdb(host);
free(hostname);
diff --git a/src/include/nsdb.h b/src/include/nsdb.h
index 46f87ee..2612263 100644
--- a/src/include/nsdb.h
+++ b/src/include/nsdb.h
@@ -242,6 +242,8 @@ void nsdb_free_nsdb(nsdb_t host);
const char *nsdb_hostname(const nsdb_t host);
size_t nsdb_hostname_len(const nsdb_t host);
unsigned short nsdb_port(const nsdb_t host);
+FedFsConnectionSec
+ nsdb_sectype(const nsdb_t host);
const char *nsdb_certfile(const nsdb_t host);
const char *nsdb_default_binddn(const nsdb_t host);
const char *nsdb_default_nce(const nsdb_t host);
diff --git a/src/libnsdb/nsdb.c b/src/libnsdb/nsdb.c
index dcea59e..c854995 100644
--- a/src/libnsdb/nsdb.c
+++ b/src/libnsdb/nsdb.c
@@ -292,6 +292,17 @@ unsigned short nsdb_port(const nsdb_t host)
}
/**
+ * Return nsdb_t's NSDB connection security type
+ *
+ * @param host pointer to initialized nsdb_t struct
+ * @return NSDB's port number
+ */
+FedFsConnectionSec nsdb_sectype(const nsdb_t host)
+{
+ return (FedFsConnectionSec)host->fn_sectype;
+}
+
+/**
* Return filename containing nsdb_t's certificate
*
* @param host pointer to initialized nsdb_t
@@ -1568,7 +1579,7 @@ nsdb_open_nsdb(nsdb_t host, const char *binddn, const char *passwd,
if (retval != FEDFS_OK)
return retval;
- switch (host->fn_sectype) {
+ switch (nsdb_sectype(host)) {
case FEDFS_SEC_NONE:
break;
case FEDFS_SEC_TLS:
diff --git a/src/nsdbparams/show.c b/src/nsdbparams/show.c
index d95f61c..ee70cdc 100644
--- a/src/nsdbparams/show.c
+++ b/src/nsdbparams/show.c
@@ -78,6 +78,38 @@ nsdbparams_show_usage(const char *progname)
}
/**
+ * Display NSDB connection parameters for "host"
+ *
+ * @param host initialized nsdb_t
+ */
+static void
+nsdbparams_show_display(nsdb_t host)
+{
+ char *c;
+
+ printf("%s:%u:\n", nsdb_hostname(host), nsdb_port(host));
+ switch (nsdb_sectype(host)) {
+ case FEDFS_SEC_NONE:
+ printf("\tconnection security: NONE\n");
+ break;
+ case FEDFS_SEC_TLS:
+ printf("\tconnection security: TLS\n");
+ printf("\tcertificate file: %s\n", nsdb_certfile(host));
+ break;
+ default:
+ printf("\tconnection security: unrecognized\n");
+ }
+ printf("\tfollow referrals: %s\n",
+ nsdb_follow_referrals(host) ? "yes" : "no");
+ c = (char *)nsdb_default_binddn(host);
+ if (c != NULL)
+ printf("\tdefault bind DN: %s\n", c);
+ c = (char *)nsdb_default_nce(host);
+ if (c != NULL)
+ printf("\tdefault NCE: %s\n", c);
+}
+
+/**
* Show one NSDB entry in our NSDB connection parameter database
*
* @param progname NUL-terminated UTF-8 string containing name of this program
@@ -89,10 +121,7 @@ int
nsdbparams_show(const char *progname, int argc, char **argv)
{
unsigned short nsdbport = LDAP_PORT;
- struct fedfs_secdata secdata = {
- .type = 0,
- };
- char *c, *nsdbname, *endptr;
+ char *nsdbname, *endptr;
FedFsStatus status;
unsigned long tmp;
struct passwd *pw;
@@ -207,23 +236,11 @@ nsdbparams_show(const char *progname, int argc, char **argv)
return EXIT_FAILURE;
}
- status = nsdb_lookup_nsdb(nsdbname, nsdbport, &host, &secdata);
+ status = nsdb_lookup_nsdb(nsdbname, nsdbport, &host, NULL);
switch (status) {
case FEDFS_OK:
- printf("%s:%u:\n", nsdbname, nsdbport);
- printf("\tconnection security: %s\n",
- nsdb_display_fedfsconnectionsec(secdata.type));
- printf("\tfollow referrals: %s\n",
- nsdb_follow_referrals(host) ? "yes" : "no");
- c = (char *)nsdb_default_binddn(host);
- if (c != NULL)
- printf("\tdefault bind DN: %s\n", c);
- c = (char *)nsdb_default_nce(host);
- if (c != NULL)
- printf("\tdefault NCE: %s\n", c);
+ nsdbparams_show_display(host);
nsdb_free_nsdb(host);
- if (secdata.type != FEDFS_SEC_NONE)
- printf("secdata:\n%s\n", secdata.data);
break;
case FEDFS_ERR_NSDB_PARAMS:
xlog(L_ERROR, "No record for %s was found", nsdbname);
More information about the fedfs-utils-devel
mailing list