[Pvfs2-cvs] commit by nlmills in pvfs2/src/common/security: getugroups.c getugroups.h module.mk.in pint-security.c pint-security.h security-util.c

CVS commit program cvs at parl.clemson.edu
Wed Jun 16 16:45:33 EDT 2010 

Update of /projects/cvsroot/pvfs2/src/common/security
In directory parlweb1:/tmp/cvs-serv2142/src/common/security

Modified Files:
      Tag: cu-security-branch
	module.mk.in pint-security.c pint-security.h security-util.c 
Added Files:
      Tag: cu-security-branch
	getugroups.c getugroups.h 
Log Message:
lots of little fixes that have been in the works for a while




Index: module.mk.in
===================================================================
RCS file: /projects/cvsroot/pvfs2/src/common/security/Attic/module.mk.in,v
diff -p -u -r1.1.2.6 -r1.1.2.7
--- module.mk.in	7 Jun 2010 21:12:02 -0000	1.1.2.6
+++ module.mk.in	16 Jun 2010 20:45:32 -0000	1.1.2.7
@@ -1,6 +1,7 @@
 DIR := src/common/security
 SERVERSRC += $(DIR)/security-util.c
-LIBSRC += $(DIR)/security-util.c
+LIBSRC += $(DIR)/security-util.c \
+          $(DIR)/getugroups.c
 
 ifdef ENABLE_SECURITY
 SERVERSRC += $(DIR)/pint-security.c \

Index: pint-security.c
===================================================================
RCS file: /projects/cvsroot/pvfs2/src/common/security/Attic/pint-security.c,v
diff -p -u -r1.1.2.62 -r1.1.2.63
--- pint-security.c	1 Jun 2010 20:01:04 -0000	1.1.2.62
+++ pint-security.c	16 Jun 2010 20:45:32 -0000	1.1.2.63
@@ -3,7 +3,6 @@
  *
  * See COPYING in top-level directory.
  */
-/* nlmills: TODO: fix for no security case */
 
 #include <stdlib.h>
 #include <stdio.h>
@@ -353,8 +352,6 @@ int PINT_verify_capability(const PVFS_ca
     ret = EVP_VerifyInit_ex(&mdctx, md, NULL);
     if (!ret)
     {
-	/* nlmills: TODO: use better error reporting */
-        gossip_debug(GOSSIP_SECURITY_DEBUG, "VerifyInit failure.\n");
         EVP_MD_CTX_cleanup(&mdctx);
         return 0;
     }
@@ -380,8 +377,6 @@ int PINT_verify_capability(const PVFS_ca
     }
     else 
     {
-	/* nlmills: TODO: use better error reporting */
-	gossip_debug(GOSSIP_SECURITY_DEBUG, "VerifyUpdate failure.\n");
 	EVP_MD_CTX_cleanup(&mdctx);
 	return 0;
     }

Index: pint-security.h
===================================================================
RCS file: /projects/cvsroot/pvfs2/src/common/security/Attic/pint-security.h,v
diff -p -u -r1.1.2.30 -r1.1.2.31
--- pint-security.h	2 Jun 2010 18:50:53 -0000	1.1.2.30
+++ pint-security.h	16 Jun 2010 20:45:32 -0000	1.1.2.31
@@ -11,15 +11,23 @@
 #include "pvfs2-types.h"
 
 
-/* nlmills: TODO: document these */
+/* POSIX-style execute permission */
 #define PINT_CAP_EXEC         (1 << 0)
+/* POSIX-style write permission */
 #define PINT_CAP_WRITE        (1 << 1)
+/* POSIX-style read permission */
 #define PINT_CAP_READ         (1 << 2)
+/* permission to set attributes on a handle */
 #define PINT_CAP_SETATTR      (1 << 3)
+/* permission to create new object */
 #define PINT_CAP_CREATE       (1 << 4)
+/* permission to perform administrative-level functions */
 #define PINT_CAP_ADMIN        (1 << 5)
+/* permission to remove an object */
 #define PINT_CAP_REMOVE       (1 << 6)
+/* permission to create multiple new objects */
 #define PINT_CAP_BATCH_CREATE (1 << 7)
+/* permission to remove multiple objects */
 #define PINT_CAP_BATCH_REMOVE (1 << 8)
 
 

Index: security-util.c
===================================================================
RCS file: /projects/cvsroot/pvfs2/src/common/security/Attic/security-util.c,v
diff -p -u -r1.1.2.10 -r1.1.2.11
--- security-util.c	7 Jun 2010 21:12:02 -0000	1.1.2.10
+++ security-util.c	16 Jun 2010 20:45:32 -0000	1.1.2.11
@@ -3,7 +3,6 @@
  *
  * See COPYING in top-level directory.
  */
-/* nlmills: TODO: fix for disabled encryption */
 
 #include <stdlib.h>
 #include <string.h>
@@ -13,13 +12,23 @@
 #include "security-util.h"
 
 
+/* PINT_null_capability
+ *
+ * Creates a capability object with no permissions.
+ */
 void PINT_null_capability(PVFS_capability *cap)
 {
     memset(cap, 0, sizeof(PVFS_capability));
     cap->issuer = strdup("");
 }
 
-/* nlmills: TODO: document me */
+/* PINT_capability_is_null
+ *
+ * Checks for a null capability with no permissions.
+ *
+ * returns 1 if the capability is null
+ * returns 0 if the capability is not null
+ */
 int PINT_capability_is_null(const PVFS_capability *cap)
 {
     int ret;
@@ -29,8 +38,14 @@ int PINT_capability_is_null(const PVFS_c
     return ret;
 }
 
-/* nlmills: TODO: fix documentation */
-/* allocates memory for and copies a capability */
+/* PINT_dup_capability
+ *
+ * Duplicates a capability object by allocating memory for the
+ * new object and then performing a deep copy.
+ *
+ * returns the new capability object on success
+ * returns NULL on error
+ */
 PVFS_capability *PINT_dup_capability(const PVFS_capability *cap)
 {
     PVFS_capability *newcap;
@@ -57,7 +72,13 @@ PVFS_capability *PINT_dup_capability(con
     return newcap;
 }
 
-/* nlmills: TODO: document me */
+/* PINT_copy_capability
+ *
+ * Performs a deep copy of a capability object.
+ *
+ * returns 0 on success
+ * returns negative PVFS error code on failure
+ */
 int PINT_copy_capability(const PVFS_capability *src, PVFS_capability *dest)
 {
     if (!src || !dest || (src == dest))
@@ -104,7 +125,12 @@ int PINT_copy_capability(const PVFS_capa
     return 0;
 }
 
-/* nlmills: TODO: document me */
+/* PINT_cleanup_capability
+ *
+ * Destructs a capability object by freeing its internal structures.
+ * After this function returns the capability object is in an
+ * invalid state.
+ */
 void PINT_cleanup_capability(PVFS_capability *cap)
 {
     if (cap)
@@ -120,7 +146,14 @@ void PINT_cleanup_capability(PVFS_capabi
     }
 }
 
-/* nlmills: TODO: document me */
+/* PINT_dup_credential
+ *
+ * Duplicates a credential object by allocating memory for the
+ * new object and then performing a deep copy.
+ *
+ * returns the new credential object on success
+ * returns NULL on error
+ */
 PVFS_credential *PINT_dup_credential(const PVFS_credential *cred)
 {
     PVFS_credential *newcred;
@@ -147,7 +180,13 @@ PVFS_credential *PINT_dup_credential(con
     return newcred;
 }
 
-/* nlmills: TODO: document me */
+/* PINT_copy_credential
+ *
+ * Performs a deep copy of a credential object.
+ *
+ * returns 0 on success
+ * returns negative PVFS error code on failure
+ */
 int PINT_copy_credential(const PVFS_credential *src, PVFS_credential *dest)
 {
     if (!src || !dest || (src == dest))
@@ -194,7 +233,12 @@ int PINT_copy_credential(const PVFS_cred
     return 0;
 }
 
-/* nlmills: TODO: document me */
+/* PINT_cleanup_credential
+ *
+ * Destructs a credential object by freeing its internal structures.
+ * After this function returns the credential object is in an
+ * invalid state.
+ */
 void PINT_cleanup_credential(PVFS_credential *cred)
 {
     if (cred)

More information about the Pvfs2-cvs mailing list