[Pvfs2-cvs] commit by sampson in
pvfs2/src/client/windows/client-service: cert.c config.c
dokan-interface.c service-main.c
CVS commit program
cvs at parl.clemson.edu
Mon Apr 25 17:32:52 EDT 2011
Update of /projects/cvsroot/pvfs2/src/client/windows/client-service
In directory parlweb1:/tmp/cvs-serv9230/src/client/windows/client-service
Modified Files:
Tag: windows-client
config.c dokan-interface.c service-main.c
Added Files:
Tag: windows-client
cert.c
Log Message:
Windows initial cert code
--- /dev/null 2004-06-24 14:04:38.000000000 -0400
+++ cert.c 2011-04-25 17:32:52.000000000 -0400
@@ -0,0 +1,63 @@
+/* Copyright (C) 2011 Omnibond LLC
+ Certificate functions */
+
+#include <Windows.h>
+#include <stdio.h>
+
+#include <openssl/ssl.h>
+#include <openssl/bio.h>
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/x509.h>
+#include <openssl/x509_vfy.h>
+
+/* initialize OpenSSL */
+static void openssl_init()
+{
+ SSL_load_error_strings();
+ ERR_load_BIO_strings();
+ OpenSSL_add_all_algorithms();
+}
+
+/* cleanup OpenSSL */
+static void openssl_cleanup()
+{
+ CRYPTO_cleanup_all_ex_data();
+ ERR_free_strings();
+ ERR_remove_state(0);
+}
+
+/* load certificate from file (PEM format) */
+static unsigned long load_cert_from_file(char *path, X509 **cert)
+{
+ FILE *f;
+
+ if (path == NULL || cert == NULL)
+ return -1;
+
+ f = fopen(path, "r");
+ if (f == NULL)
+ return errno;
+
+ *cert = PEM_read_X509(f, NULL, NULL, NULL);
+ if (cert == NULL)
+ return ERR_get_error();
+
+ return 0;
+}
+
+/* verify certificate */
+static unsigned long verify_cert(X509 *cert, X509 *ca_cert)
+{
+ X509_STORE *trust_store;
+ X509_STORE_CTX *ctx;
+
+ /* add CA cert to trusted store */
+ trust_store = X509_STORE_new();
+ if (trust_store == NULL)
+ return ERR_get_error();
+
+ X509_STORE_add_cert(trust_store, ca_cert);
+
+
+}
\ No newline at end of file
Index: config.c
===================================================================
RCS file: /projects/cvsroot/pvfs2/src/client/windows/client-service/Attic/config.c,v
diff -p -u -r1.1.2.2 -r1.1.2.3
--- config.c 24 Mar 2011 21:32:57 -0000 1.1.2.2
+++ config.c 25 Apr 2011 21:32:52 -0000 1.1.2.3
@@ -207,14 +207,11 @@ int get_config(PORANGEFS_OPTIONS options
return 1;
}
}
-#ifndef _DEBUG
- /* debug already enabled for debug builds */
else if (!stricmp(token, "-debug") ||
!stricmp(token, "debug"))
{
options->debug = TRUE;
}
-#endif
else
fprintf(stderr, "Unknown option %s\n", token);
}
Index: dokan-interface.c
===================================================================
RCS file: /projects/cvsroot/pvfs2/src/client/windows/client-service/Attic/dokan-interface.c,v
diff -p -u -r1.1.2.33 -r1.1.2.34
--- dokan-interface.c 19 Apr 2011 22:01:30 -0000 1.1.2.33
+++ dokan-interface.c 25 Apr 2011 21:32:52 -0000 1.1.2.34
@@ -558,23 +558,16 @@ static int check_perm(PVFS_sys_attr *att
/* Check permissions for create_file call */
static int check_create_perm(PVFS_sys_attr *attr, PVFS_credentials *credentials, DWORD access_mode)
{
- int ret = 0, read_flag = 0, write_flag = 0;
+ int ret = 0, write_flag = 0;
/* read attributes access */
if (access_mode & FILE_READ_ATTRIBUTES ||
access_mode & FILE_READ_EA ||
- access_mode & READ_CONTROL)
+ access_mode & READ_CONTROL ||
+ access_mode & SYNCHRONIZE)
{
- /* owner can always read attributes */
- ret = attr->owner == credentials->uid;
- if (!ret)
- {
- /* otherwise read permissions are needed */
- ret = check_perm(attr, credentials, PERM_READ);
- if (!ret)
- return ret;
- read_flag = 1;
- }
+ /* On PVFS2, all users have these rights */
+ ret = 1;
}
/* read data access */
@@ -582,7 +575,7 @@ static int check_create_perm(PVFS_sys_at
access_mode & GENERIC_ALL ||
access_mode & FILE_READ_DATA)
{
- ret = read_flag || check_perm(attr, credentials, PERM_READ);
+ ret = check_perm(attr, credentials, PERM_READ);
if (!ret)
return ret;
@@ -590,9 +583,12 @@ static int check_create_perm(PVFS_sys_at
/* write attributes access */
if (access_mode & FILE_WRITE_ATTRIBUTES ||
- access_mode & FILE_WRITE_EA)
+ access_mode & FILE_WRITE_EA ||
+ access_mode & WRITE_DAC ||
+ access_mode & WRITE_OWNER ||
+ access_mode & DELETE)
{
- /* owner can always write attributes */
+ /* owner always has these permissions */
ret = attr->owner == credentials->uid;
if (!ret)
{
@@ -607,11 +603,11 @@ static int check_create_perm(PVFS_sys_at
/* write access */
if (access_mode & GENERIC_WRITE ||
access_mode & GENERIC_ALL ||
- access_mode & FILE_WRITE_DATA ||
- access_mode & DELETE ||
- access_mode & WRITE_DAC ||
- access_mode & WRITE_OWNER)
+ access_mode & FILE_WRITE_DATA)
{
+ /* Either user is owner, or has write permissions checked already.
+ Note that if owner doesn't have write data, the file will be
+ marked read-only */
ret = write_flag || check_perm(attr, credentials, PERM_WRITE);
if (!ret)
@@ -869,7 +865,6 @@ PVFS_Dokan_create_directory(
int ret, err;
PVFS_handle handle;
PVFS_credentials credentials;
- PVFS_sys_attr attr;
DbgPrint("CreateDirectory: %S\n", FileName);
Index: service-main.c
===================================================================
RCS file: /projects/cvsroot/pvfs2/src/client/windows/client-service/Attic/service-main.c,v
diff -p -u -r1.1.2.9 -r1.1.2.10
--- service-main.c 24 Mar 2011 21:32:57 -0000 1.1.2.9
+++ service-main.c 25 Apr 2011 21:32:52 -0000 1.1.2.10
@@ -494,33 +494,28 @@ int main(int argc, char **argv, char **e
{
return service_install();
}
-
- if (!stricmp(argv[i], "-removeService") ||
+ else if (!stricmp(argv[i], "-removeService") ||
!stricmp(argv[i], "-u") || !stricmp(argv[i], "/u"))
{
return service_remove();
}
-
- if (!strcmp(argv[i], "-service"))
+ else if (!strcmp(argv[i], "-service"))
{
run_service = 1;
}
-
- if (!strcmp(argv[i], "-mount") || !strcmp(argv[i], "-m") ||
- !strcmp(argv[i], "/m"))
+ else if (!strcmp(argv[i], "-mount") || !strcmp(argv[i], "-m") ||
+ !strcmp(argv[i], "/m"))
{
if (i < (argc - 1))
strncpy(mount_point, argv[++i], MAX_PATH);
else
fprintf(stderr, "Invalid argument -mount. Using mount point Z:\n");
}
-
- /* debug is always enabled for debug version */
-#ifndef _DEBUG
- if (!strcmp(argv[i], "-debug") || !strcmp(argv[i], "-d") ||
- !strcmp(argv[i], "/d"))
+ else if (!strcmp(argv[i], "-debug") || !strcmp(argv[i], "-d") ||
+ !strcmp(argv[i], "/d"))
+ {
debug = TRUE;
-#endif
+ }
}
if (run_service)
More information about the Pvfs2-cvs
mailing list