* [9fans] factotum problem fix
@ 2002-11-19 5:10 pwfmfx
0 siblings, 0 replies; 8+ messages in thread
From: pwfmfx @ 2002-11-19 5:10 UTC (permalink / raw)
To: 9fans
Hello,
I couldn't access to an auth server from /net.alt,
because factotum used only /net.
Here's my fix.
Replace bindnetcs(void) in factotum/util.c by the following:
-- from here --
/* bind in a specified network and cs */
static int
bindnetcseach(char *net, char *ipdev, char *cssrv)
{
int srvfd;
char buf[40];
snprint(buf, sizeof buf, "%s/cs", net);
if(access(buf, AEXIST) >= 0)
return 0;
if((srvfd = open(cssrv, ORDWR)) < 0)
return -1;
if(mount(srvfd, -1, net, MAFTER, "") < 0)
return -1;
close(srvfd);
snprint(buf, sizeof buf, "%s/tcp", net);
if(access(buf, AEXIST) < 0)
bind(ipdev, net, MAFTER);
return 0;
}
/* bind in the default network and cs */
static int
bindnetcs(void)
{
if(bindnetcseach("/net", "#I", "#s/cs") < 0)
return -1;
bindnetcseach("/net.alt", "#I1", "#s/cs_net.alt");
return 0;
}
-- end --
By the way, fd in _asgetticket() could be closed twice.
When an error occurs, _asgetticket() close(fd),
and a caller (auth/debug, factotum/p9sk1.c, ...) closes it again.
Thanks.
---
Mamoru Sato
pwfmfx@cna.ne.jp
pwfmfx@nurs.or.jp
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9fans] factotum problem fix
@ 2002-12-07 8:53 pwfmfx
0 siblings, 0 replies; 8+ messages in thread
From: pwfmfx @ 2002-12-07 8:53 UTC (permalink / raw)
To: 9fans
> The file descriptor fd is automatically closed by a success-
> ful mount call.
Oh! I didn't notice that.
I should have read documents more carefully...
Excuse me for wasting time.;-)
--
Mamoru Sato
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9fans] factotum problem fix
@ 2002-12-06 16:07 Russ Cox
0 siblings, 0 replies; 8+ messages in thread
From: Russ Cox @ 2002-12-06 16:07 UTC (permalink / raw)
To: 9fans
> I've changed it to close srvfd when mount succeeds.
Confusingly, mount does that for you. From bind(2):
The file descriptor fd is automatically closed by a success-
ful mount call.
Russ
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9fans] factotum problem fix
@ 2002-12-06 13:12 pwfmfx
0 siblings, 0 replies; 8+ messages in thread
From: pwfmfx @ 2002-12-06 13:12 UTC (permalink / raw)
To: 9fans
Oh, sorry. Here's one.
/* bind in the default network and cs */
static int
bindnetcs(void)
{
int srvfd;
if(access("/net/tcp", AEXIST) < 0)
bind("#I", "/net", MBEFORE);
if(access("/net/cs", AEXIST) < 0){
if((srvfd = open("#s/cs", ORDWR)) < 0)
return -1;
if(mount(srvfd, -1, "/net", MBEFORE, "") < 0){
close(srvfd);
return -1;
}
close(srvfd);
}
return 0;
}
I've changed it to close srvfd when mount succeeds.
Thanks.
--
Mamoru Sato
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9fans] factotum problem fix
@ 2002-12-05 3:42 Russ Cox
0 siblings, 0 replies; 8+ messages in thread
From: Russ Cox @ 2002-12-05 3:42 UTC (permalink / raw)
To: 9fans
Can you please just post the entire bindnetcs() function?
From your diff I can't figure out what's going on.
Thanks.
Russ
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9fans] factotum problem fix
@ 2002-12-05 3:29 pwfmfx
0 siblings, 0 replies; 8+ messages in thread
From: pwfmfx @ 2002-12-05 3:29 UTC (permalink / raw)
To: 9fans
Hello,
I've forgot to tell you that
there was a small resource leak in factotum:
term% diff /sys/src/cmd/auth/fctotum/util.c util.c
15,17c15,17
< if((srvfd = open("#s/cs", ORDWR)) >= 0){
< if(mount(srvfd, -1, "/net", MBEFORE, "") >= 0)
< return 0;
---
> if((srvfd = open("#s/cs", ORDWR)) < 0)
> return -1;
> if(mount(srvfd, -1, "/net", MBEFORE, "") < 0){
18a19
> return -1;
20c21
< return -1;
---
> close(srvfd);
term%
--
Mamoru Sato
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9fans] factotum problem fix
@ 2002-11-20 4:24 pwfmfx
0 siblings, 0 replies; 8+ messages in thread
From: pwfmfx @ 2002-11-20 4:24 UTC (permalink / raw)
To: 9fans
> The only reason it works is
> because of an equally egregious hack I made a long time ago
> in dial that I would like to undo, i.e., that dial try /net.alt
> if it can't find something via /net.
Actually, I've followed the dial() way (I had read dial.c).
Now I understand what it means.
Ohh...
--
Mamoru Sato
pwfmfx@cna.ne.jp
pwfmfx@nurs.or.jp
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9fans] factotum problem fix
@ 2002-11-19 16:27 presotto
0 siblings, 0 replies; 8+ messages in thread
From: presotto @ 2002-11-19 16:27 UTC (permalink / raw)
To: 9fans
[-- Attachment #1: Type: text/plain, Size: 1692 bytes --]
Easy part first:
By the way, fd in _asgetticket() could be closed twice.
When an error occurs, _asgetticket() close(fd),
and a caller (auth/debug, factotum/p9sk1.c, ...) closes it again.
As far as I can tell, everywhere that _asgetticket is called,
both in the libraries and /sys/src/cmd/auth/*, a close happens
after it in the error case or regardless. I'll take the close
out of _asgetticket.
Now the messy part:
Hello,
I couldn't access to an auth server from /net.alt,
because factotum used only /net.
Here's my fix.
Replace bindnetcs(void) in factotum/util.c by the following:
-- from here --
/* bind in a specified network and cs */
static int
bindnetcseach(char *net, char *ipdev, char *cssrv)
{
int srvfd;
char buf[40];
snprint(buf, sizeof buf, "%s/cs", net);
if(access(buf, AEXIST) >= 0)
return 0;
if((srvfd = open(cssrv, ORDWR)) < 0)
return -1;
if(mount(srvfd, -1, net, MAFTER, "") < 0)
return -1;
close(srvfd);
snprint(buf, sizeof buf, "%s/tcp", net);
if(access(buf, AEXIST) < 0)
bind(ipdev, net, MAFTER);
return 0;
}
/* bind in the default network and cs */
static int
bindnetcs(void)
{
if(bindnetcseach("/net", "#I", "#s/cs") < 0)
return -1;
bindnetcseach("/net.alt", "#I1", "#s/cs_net.alt");
return 0;
}
I'ld rather you just restart factotum doing the bind outside
of it. The security implications of people having this done
behind their back is too large. The only reason it works is
because of an equally egregious hack I made a long time ago
in dial that I would like to undo, i.e., that dial try /net.alt
if it can't find something via /net.
[-- Attachment #2: Type: message/rfc822, Size: 2900 bytes --]
[-- Attachment #2.1: Type: message/rfc822, Size: 2839 bytes --]
From: pwfmfx@cna.ne.jp
To: 9fans@cse.psu.edu
Subject: [9fans] factotum problem fix
Date: Tue, 19 Nov 2002 14:10:54 +0900
Message-ID: <d8a8608f096fd8e975b6e8e6ce899018@cna.ne.jp>
Hello,
I couldn't access to an auth server from /net.alt,
because factotum used only /net.
Here's my fix.
Replace bindnetcs(void) in factotum/util.c by the following:
-- from here --
/* bind in a specified network and cs */
static int
bindnetcseach(char *net, char *ipdev, char *cssrv)
{
int srvfd;
char buf[40];
snprint(buf, sizeof buf, "%s/cs", net);
if(access(buf, AEXIST) >= 0)
return 0;
if((srvfd = open(cssrv, ORDWR)) < 0)
return -1;
if(mount(srvfd, -1, net, MAFTER, "") < 0)
return -1;
close(srvfd);
snprint(buf, sizeof buf, "%s/tcp", net);
if(access(buf, AEXIST) < 0)
bind(ipdev, net, MAFTER);
return 0;
}
/* bind in the default network and cs */
static int
bindnetcs(void)
{
if(bindnetcseach("/net", "#I", "#s/cs") < 0)
return -1;
bindnetcseach("/net.alt", "#I1", "#s/cs_net.alt");
return 0;
}
-- end --
By the way, fd in _asgetticket() could be closed twice.
When an error occurs, _asgetticket() close(fd),
and a caller (auth/debug, factotum/p9sk1.c, ...) closes it again.
Thanks.
---
Mamoru Sato
pwfmfx@cna.ne.jp
pwfmfx@nurs.or.jp
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2002-12-07 8:53 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2002-11-19 5:10 [9fans] factotum problem fix pwfmfx
2002-11-19 16:27 presotto
2002-11-20 4:24 pwfmfx
2002-12-05 3:29 pwfmfx
2002-12-05 3:42 Russ Cox
2002-12-06 13:12 pwfmfx
2002-12-06 16:07 Russ Cox
2002-12-07 8:53 pwfmfx
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).