Allow RxRPC transport security to be requested
authorDavid Howells <dhowells@redhat.com>
Tue, 8 Apr 2014 17:23:54 +0000 (18:23 +0100)
committerDavid Howells <dhowells@redhat.com>
Tue, 8 Apr 2014 18:24:09 +0000 (19:24 +0100)
Honour the -encrypt flag to vos listvldb and make it tell AF_RXRPC to secure
the connection.  This requires an appropriate key to be available in one of
the user's keyrings, labelled:

afs@<UPPERCASE.CELL.NAME>

Without such a key, error:

[Errno 126] Required key not available

will be issued.

Signed-off-by: David Howells <dhowells@redhat.com>
af_rxrpc.c
py_rxconn.c
rxgen.h
rxgen/rxgen.pl
suite/commands/vos/listvldb.py
suite/lib/cell.py

index 09f58d1aa18d71686602edbb360668001c722b70..996699453a62d9f1e6525d27898fb82ba1251f36 100644 (file)
@@ -121,7 +121,9 @@ struct rx_connection *rx_new_connection(const struct sockaddr *sa,
                                        uint16_t service,
                                        uint16_t local_port,
                                        uint16_t local_service,
-                                       int exclusive)
+                                       int exclusive,
+                                       const char *key,
+                                       int security)
 {
        struct sockaddr_rxrpc srx;
        struct rx_connection *z_conn;
@@ -153,6 +155,10 @@ struct rx_connection *rx_new_connection(const struct sockaddr *sa,
                goto error_conn;
        }
 
+       if (security < RXRPC_SECURITY_PLAIN ||
+           security > RXRPC_SECURITY_ENCRYPT)
+               goto inval;
+
        memcpy(&z_conn->peer.transport, sa, salen);
        switch (sa->sa_family) {
        case AF_INET:
@@ -182,6 +188,18 @@ struct rx_connection *rx_new_connection(const struct sockaddr *sa,
                        goto error_conn;
        }
 
+       if (key) {
+               ret = setsockopt(z_conn->fd, SOL_RXRPC, RXRPC_MIN_SECURITY_LEVEL,
+                                &security, sizeof(security));
+               if (ret == -1)
+                       goto error_conn;
+
+               ret = setsockopt(z_conn->fd, SOL_RXRPC, RXRPC_SECURITY_KEY,
+                                key, strlen(key));
+               if (ret == -1)
+                       goto error_conn;
+       }
+
        /* Bind an address to the local endpoint */
        memset(&srx, 0, sizeof(srx));
        srx.srx_family = AF_RXRPC;
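Review bot: A non-zero `security` combined with a NULL `key` is silently dropped, because both setsockopt() calls sit inside `if (key)`; a C caller asking for RXRPC_SECURITY_ENCRYPT without a key therefore gets an ordinary unsecured connection instead of an error, even though the range check earlier in the function still rejects levels it would never apply. The Python side (cell.py) happens to pair the two correctly, but the C API does not enforce it. Either fail early with `if (!key && security != RXRPC_SECURITY_PLAIN) goto inval;`, or move the RXRPC_MIN_SECURITY_LEVEL setsockopt out of the `if (key)` block so the requested level is handed to the kernel on every connection; whether the kernel would then refuse a keyless connection at that level is not visible here, so failing in userspace keeps the behaviour explicit. The `inval` label and the rest of rx_new_connection's body lie outside the hunk.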
index 0203ddda9c3b685e33022f571799513ba17284d4..309cbb7f00389e8a9ce9a8a59def6e1b4831d012 100644 (file)
@@ -111,13 +111,13 @@ kafs_py_rx_new_connection(PyObject *_self, PyObject *args)
                struct sockaddr_in sin;
                struct sockaddr_in6 sin6;
        } sa;
-       const char *address = NULL;
+       const char *address = NULL, *key = NULL;
        socklen_t salen;
        uint16_t port, service, local_port = 0, local_service = 0;
-       int exclusive = 0;
+       int exclusive = 0, security = 0;
 
-       if (!PyArg_ParseTuple(args, "sHH|HHp",
-                             &address, &port, &service,
+       if (!PyArg_ParseTuple(args, "sHHzi|HHp",
+                             &address, &port, &service, &key, &security,
                              &local_port, &local_service, &exclusive))
                return NULL;
 
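Review bot: The new format `"sHHzi|HHp"` makes `key` and `security` mandatory positional arguments, so any caller still passing only (address, port, service) now raises TypeError; cell.py is updated in this commit, but no other callers are visible. Since the locals already default to `key = NULL` and `security = 0`, `"sHH|ziHHp"` would keep three-argument callers working (callers that passed local_port positionally need updating either way, as its position has moved). Using `z` for `key` is the right choice, as it lets Python pass None and maps onto the NULL-means-anonymous handling in rx_new_connection. kafs_py_rx_new_connection continues outside the hunk.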
@@ -141,7 +141,8 @@ kafs_py_rx_new_connection(PyObject *_self, PyObject *args)
        assert(obj->x == NULL);
 
        z_conn = rx_new_connection(&sa.sa, salen, service,
-                                  local_port, local_service, exclusive);
+                                  local_port, local_service, exclusive,
+                                  key, security);
        if (!z_conn) {
                Py_DECREF(obj);
                return errno == ENOMEM ? PyExc_MemoryError :
diff --git a/rxgen.h b/rxgen.h
index a6fbdbdeb4662613ed3ad60fe3ae7e14428a7e6c..6d7ef28bde56e913b85337c0e51d82002b5b5c14 100644 (file)
--- a/rxgen.h
+++ b/rxgen.h
@@ -170,7 +170,9 @@ extern struct rx_connection *rx_new_connection(const struct sockaddr *sa,
                                               uint16_t service,
                                               uint16_t local_port,
                                               uint16_t local_service,
-                                              int exclusive);
+                                              int exclusive,
+                                              const char *key,
+                                              int security);
 
 extern void rx_close_connection(struct rx_connection *z_conn);
 
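Review bot: The two new parameters are undocumented at the declaration, and their coupling is not obvious from the types: in af_rxrpc.c the security level is only applied when key is non-NULL. Suggest a comment above the prototype along the lines of `/* key: keyring description (e.g. "afs@CELL") to authenticate with, or NULL for an anonymous connection; security: minimum RXRPC_SECURITY_* level, applied only when key is non-NULL */`, so that callers do not assume a non-zero level alone secures the connection.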
index 1c3322113d2f5ded518712ef40e70578baca856c..33d15c83d1e6ee34ecd02258dbf705979a3adea9 100755 (executable)
@@ -36,6 +36,10 @@ our @abort_codes = ();       # Abort codes
 our @py_type_defs = ();        # Python type definitions
 our @py_func_defs = (); # Python function definitions
 
+$constants{RXRPC_SECURITY_PLAIN}       = { name => "RXRPC_SECURITY_PLAIN",   val => 0 };
+$constants{RXRPC_SECURITY_AUTH}                = { name => "RXRPC_SECURITY_AUTH",    val => 1 };
+$constants{RXRPC_SECURITY_ENCRYPT}     = { name => "RXRPC_SECURITY_ENCRYPT", val => 2 };
+
 #
 # Divide the lines from the files up into typed collections
 #
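Review bot: The three values are hard-coded with no indication of their origin; the af_rxrpc.c range check uses the same RXRPC_SECURITY_* names, so they presumably mirror the kernel's rxrpc UAPI constants, but nothing here ties them to that header. A comment above the block such as `# Must match the RXRPC_SECURITY_* values in the kernel's rxrpc UAPI header` would at least make the dependency visible, since a mismatch would send the wrong level to setsockopt without any error.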
index b0bb5324edc9a1f84f2bdd5942130ed068093711..2bbe7828452c85f4b3d67b0d3b5e472ffd050daf 100644 (file)
@@ -100,7 +100,17 @@ def print_record(params, vldb):
 def main(params):
     # Get a list of VLDB servers to query
     cell = params["cell"]
-    z_conn = cell.open_vl_server()
+
+    if "localauth" in params:
+        raise RuntimeError("Don't support -localauth yet")
+    elif "noauth" in params:
+        security = None
+    elif "encrypt" in params:
+        security = kafs.RXRPC_SECURITY_ENCRYPT
+    else:
+        security = None
+
+    z_conn = cell.open_vl_server(security)
     quiet = "quiet" in params
 
     if "name" in params:
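Review bot: The `noauth` branch and the trailing `else` both set `security = None`, so with no flag at all the VL server is contacted anonymously, exactly as with `-noauth`; the chain collapses to `security = kafs.RXRPC_SECURITY_ENCRYPT if "encrypt" in params and "noauth" not in params else None`. If the longer-term intent is for the default to be authenticated with `-noauth` opting out, the final `else` is where that level would go, and a short comment stating that the unauthenticated default is deliberate would help readers. main continues outside the hunk.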
index a721cec5a7247d853a96e6c4d33f0c4e1b5fca97..a4938ee871d1d3cf12f464c1c858b5e5d817e912 100644 (file)
@@ -119,14 +119,21 @@ class cell:
         return addrs
 
     # Open a VL Server connection
-    def open_vl_server(self):
+    def open_vl_server(self, security=None):
         if self.__vlconn:
             return
 
         for vlserver in self.query_vl_addrs():
             debug("Trying", vlserver)
 
-            z_conn = kafs.rx_new_connection(vlserver, kafs.VL_PORT, kafs.VL_SERVICE)
+            if security != None:
+                key = "afs@" + self.__name.upper()
+            else:
+                key = None
+                security = 0
+
+            z_conn = kafs.rx_new_connection(vlserver, kafs.VL_PORT, kafs.VL_SERVICE,
+                                            key, security)
             try:
                 ret = kafs.VL_Probe(z_conn)
                 self.__vlconn = z_conn
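Review bot: The early return at the top of open_vl_server ignores the new `security` argument: once a connection has been cached in `self.__vlconn`, a later call requesting RXRPC_SECURITY_ENCRYPT silently gets back the existing connection, which may have been opened anonymously. Record the level the cached connection was opened with and refuse (or reopen) when the caller asks for more, e.g. store `self.__vlconn_security = security` next to `self.__vlconn = z_conn` and guard the cache with `if self.__vlconn and security != self.__vlconn_security: raise RuntimeError("VL connection already open at a different security level")`. Separately, `security != None` is better written `security is not None`. The try block and the rest of the method continue outside the hunk.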