Re: [9fans] Patch to secstore to unforce STA authentication.

Re: [9fans] Patch to secstore to unforce STA authentication.

[David Presotto]

[-- Attachment #1: Type: text/plain, Size: 251 bytes --]

Actaully, I think that this is one case of too much paranoia.  Is there anyone
else besides Bell Labs that uses secstored with STA turned on?  If not, I'ld like
to just make it an option and not force it just because we're using an
alternate stack.

[-- Attachment #2: Type: message/rfc822, Size: 3066 bytes --]

From: cross@sdgm.net
To: 9fans@cse.psu.edu
Subject: [9fans] Patch to secstore to unforce STA authentication.
Date: Sun, 28 Sep 2003 17:37:08 -0400
Message-ID: <39b17e26a926e5f512cfa9ac236b8ff3@sdgm.net>

My CPU server has two interfaces, with seperate IP stacks.  I run secstored
listening on both.  This works reasonably well, except that when using the
`-x' flag to get secstored to listen on the second stack (mounted on /net.alt),
it forces STA authentication.  This isn't really the behavior I want; I don't
need STA authentication there.  So, I finally got around to adding a flag to
secstored to tell it to disable STA authentication in all cases.  Here's the
patch; could this please be incorporated onto sources?  Thanks.

	- Dan C.

brahma% ape/diff -u /n/sources/plan9/sys/src/cmd/auth/secstore/secstored.c secstored.c
--- /n/sources/plan9/sys/src/cmd/auth/secstore/secstored.c	Tue Sep  2 13:55:49 2003
+++ secstored.c	Sun Sep 28 17:32:17 2003
@@ -319,7 +319,7 @@
 void
 main(int argc, char **argv)
 {
-	int afd, dfd, lcfd, forceSTA = 0;
+	int afd, dfd, lcfd, forceSTA = 0, unforceSTA = 0;
 	char adir[40], ldir[40], *remote;
 	char *serve = "tcp!*!5356", *p, aserve[128], net[128];
 	char *S = "secstore";
@@ -340,12 +340,18 @@
 		setnetmtpt(net, sizeof(net), p);
 		forceSTA = 1;  // for any non-standard network setting, be paranoid
 		break;
+	case 'u':
+		unforceSTA = 1;
+		break;
 	case 'v':
 		verbose++;
 		break;
 	default:
 		usage();
 	}ARGEND;
+
+	if(unforceSTA)
+		forceSTA = 0;

 	if(!verbose)
 		switch(rfork(RFNOTEG|RFPROC|RFFDG)) {
brahma%

Re: [9fans] Patch to secstore to unforce STA authentication.

[Dan Cross]

Sounds good to me.

	- Dan C.

Re: [9fans] Patch to secstore to unforce STA authentication.

[Charles Forsyth]

i'd made a similar change

[9fans] Patch to secstore to unforce STA authentication.

[cross]

My CPU server has two interfaces, with seperate IP stacks.  I run secstored
listening on both.  This works reasonably well, except that when using the
`-x' flag to get secstored to listen on the second stack (mounted on /net.alt),
it forces STA authentication.  This isn't really the behavior I want; I don't
need STA authentication there.  So, I finally got around to adding a flag to
secstored to tell it to disable STA authentication in all cases.  Here's the
patch; could this please be incorporated onto sources?  Thanks.

	- Dan C.

brahma% ape/diff -u /n/sources/plan9/sys/src/cmd/auth/secstore/secstored.c secstored.c
--- /n/sources/plan9/sys/src/cmd/auth/secstore/secstored.c	Tue Sep  2 13:55:49 2003
+++ secstored.c	Sun Sep 28 17:32:17 2003
@@ -319,7 +319,7 @@
 void
 main(int argc, char **argv)
 {
-	int afd, dfd, lcfd, forceSTA = 0;
+	int afd, dfd, lcfd, forceSTA = 0, unforceSTA = 0;
 	char adir[40], ldir[40], *remote;
 	char *serve = "tcp!*!5356", *p, aserve[128], net[128];
 	char *S = "secstore";
@@ -340,12 +340,18 @@
 		setnetmtpt(net, sizeof(net), p);
 		forceSTA = 1;  // for any non-standard network setting, be paranoid
 		break;
+	case 'u':
+		unforceSTA = 1;
+		break;
 	case 'v':
 		verbose++;
 		break;
 	default:
 		usage();
 	}ARGEND;
+
+	if(unforceSTA)
+		forceSTA = 0;

 	if(!verbose)
 		switch(rfork(RFNOTEG|RFPROC|RFFDG)) {
brahma%