shithub: riscv

Download patch

ref: f9d379974ad71fa02881ace25615bcefd8db075d
parent: ee6936365f73d5499239b9cbe138d1923e562164
author: cinap_lenrek <[email protected]>
date: Tue Dec 9 17:07:37 EST 2014 

factotum: accept multiple bootstrap auth servers in /net/ndb and -a arguments

we might have to deal with multiple bootstrap auth server
ip addresses (ipv4 and ipv6) in the future, so deal with them.


--- a/sys/src/cmd/auth/factotum/dat.h
+++ b/sys/src/cmd/auth/factotum/dat.h
@@ -144,7 +144,7 @@
 
 /* fs.c */
 extern	int		askforkeys;
-extern	char		*authaddr;
+extern	char		*authaddr[8];	/* bootstrap auth servers */
 extern	int		*confirminuse;
 extern	int		debug;
 extern	int		gflag;
--- a/sys/src/cmd/auth/factotum/fs.c
+++ b/sys/src/cmd/auth/factotum/fs.c
@@ -1,7 +1,7 @@
 #include "dat.h"
 
 int		askforkeys = 1;
-char		*authaddr;
+char		*authaddr[8];
 int		debug;
 int		doprivate = 1;
 int		gflag;
@@ -75,7 +75,9 @@
 		sflag = 1;
 		break;
 	case 'a':
-		authaddr = EARGF(usage());
+		for(i=0; i < nelem(authaddr)-2 && authaddr[i] != nil; i++)
+			;
+		authaddr[i] = EARGF(usage());
 		break;
 	case 'd':
 		debug = 1;
--- a/sys/src/cmd/auth/factotum/util.c
+++ b/sys/src/cmd/auth/factotum/util.c
@@ -22,16 +22,16 @@
 	return 0;
 }
 
-/* get auth= attribute value from /net/ndb */
-static char*
+/* get all auth= attribute values from /net/ndb */
+static void
 netndbauthaddr(void)
 {
 	enum { CHUNK = 1024 };
 	char *b, *p, *e;
-	int fd, n, m;
+	int fd, n, m, i;
 
 	if((fd = open("/net/ndb", OREAD)) < 0)
-		return nil;
+		return;
 	m = 0;
 	b = nil;
 	for(;;){
@@ -44,27 +44,37 @@
 	}
 	close(fd);
 	if(b == nil)
-		return nil;
+		return;
 	b[m] = '\0';
-	p = strstr(b, "auth=");
-	if(p != nil && p > b && strchr("\n\t ", p[-1]) == nil)
-		p = nil;
-	if(p != nil){
+
+	i = 0;
+	e = b;
+	while((p = strstr(e, "auth=")) != nil){
+		if(p > e && strchr("\n\t ", p[-1]) == nil){
+			e = p + strlen("auth=");
+			continue;
+		}
 		p += strlen("auth=");
 		for(e = p; *e != '\0'; e++)
 			if(strchr("\n\t ", *e) != nil)
 				break;
-		*e = '\0';
-		p = estrdup(p);
+		if(*e == '\0')
+			break;
+		*e++ = '\0';
+		if(*p == '\0')
+			continue;
+		authaddr[i++] = estrdup(p);
+		if(i >= nelem(authaddr)-1)
+			break;
 	}
+	authaddr[i] = nil;
 	free(b);
-	return p;
 }
 
 int
 _authdial(char *net, char *authdom)
 {
-	int fd, vanilla;
+	int i, fd, vanilla;
 
 	alarm(30*1000);
 	vanilla = net==nil || strcmp(net, "/net")==0;
@@ -75,7 +85,7 @@
 		 * If we failed to mount /srv/cs, assume that
 		 * we're still bootstrapping the system and dial
 		 * the one auth server passed to us on the command line or
-		 * look for auth= attribute in /net/ndb.
+		 * look for auth= attributes in /net/ndb.
 		 * In normal operation, it is important *not* to do this,
 		 * because the bootstrap auth server is only good for
 		 * a single auth domain.
@@ -84,12 +94,12 @@
 		 * remote authentication domain too.
 		 */
 		fd = -1;
-		if(authaddr == nil)
-			authaddr = netndbauthaddr();
-		if(authaddr != nil){
-			fd = dial(netmkaddr(authaddr, "tcp", "567"), 0, 0, 0);
+		if(authaddr[0] == nil)
+			netndbauthaddr();
+		for(i = 0; fd < 0 && authaddr[i] != nil; i++){
+			fd = dial(netmkaddr(authaddr[i], "tcp", "567"), 0, 0, 0);
 			if(fd < 0)
-				fd = dial(netmkaddr(authaddr, "il", "566"), 0, 0, 0);
+				fd = dial(netmkaddr(authaddr[i], "il", "566"), 0, 0, 0);
 		}
 	}
 	alarm(0);