diff options
| author | Greg Hudson <ghudson@mit.edu> | 2009-11-24 17:46:45 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2009-11-24 17:46:45 +0000 |
| commit | 6b684da8b8aa0aa5e7a0f122e5d6b303c6fddf00 (patch) | |
| tree | db6e8ce701a0e0a905e45c82f1c65f64a733e23c /src/appl/gss-sample/gss-server.c | |
| parent | 3aa283767b10ac11b035b690f4569ce5de5e0097 (diff) | |
| download | krb5-6b684da8b8aa0aa5e7a0f122e5d6b303c6fddf00.zip krb5-6b684da8b8aa0aa5e7a0f122e5d6b303c6fddf00.tar.gz krb5-6b684da8b8aa0aa5e7a0f122e5d6b303c6fddf00.tar.bz2 | |
Mark and reindent what's left of the appl directory
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23342 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/appl/gss-sample/gss-server.c')
| -rw-r--r-- | src/appl/gss-sample/gss-server.c | 763 |
1 files changed, 378 insertions, 385 deletions
diff --git a/src/appl/gss-sample/gss-server.c b/src/appl/gss-sample/gss-server.c index 158414d..0e2a275 100644 --- a/src/appl/gss-sample/gss-server.c +++ b/src/appl/gss-sample/gss-server.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1994 by OpenVision Technologies, Inc. * @@ -74,7 +75,7 @@ usage() #endif fprintf(stderr, "\n"); fprintf(stderr, - " [-inetd] [-export] [-logfile file] service_name\n"); + " [-inetd] [-export] [-logfile file] service_name\n"); exit(1); } @@ -89,8 +90,8 @@ int verbose = 0; * * Arguments: * - * service_name (r) the ASCII service name - * server_creds (w) the GSS-API service credentials + * service_name (r) the ASCII service name + * server_creds (w) the GSS-API service credentials * * Returns: 0 on success, -1 on failure * @@ -102,9 +103,7 @@ int verbose = 0; * 0 is returned. */ static int -server_acquire_creds(service_name, server_creds) - char *service_name; - gss_cred_id_t *server_creds; +server_acquire_creds(char *service_name, gss_cred_id_t *server_creds) { gss_buffer_desc name_buf; gss_name_t server_name; @@ -113,18 +112,18 @@ server_acquire_creds(service_name, server_creds) name_buf.value = service_name; name_buf.length = strlen(name_buf.value) + 1; maj_stat = gss_import_name(&min_stat, &name_buf, - (gss_OID) gss_nt_service_name, &server_name); + (gss_OID) gss_nt_service_name, &server_name); if (maj_stat != GSS_S_COMPLETE) { - display_status("importing name", maj_stat, min_stat); - return -1; + display_status("importing name", maj_stat, min_stat); + return -1; } maj_stat = gss_acquire_cred(&min_stat, server_name, 0, - GSS_C_NULL_OID_SET, GSS_C_ACCEPT, - server_creds, NULL, NULL); + GSS_C_NULL_OID_SET, GSS_C_ACCEPT, + server_creds, NULL, NULL); if (maj_stat != GSS_S_COMPLETE) { - display_status("acquiring credentials", maj_stat, min_stat); - return -1; + display_status("acquiring credentials", maj_stat, min_stat); + return -1; } (void) gss_release_name(&min_stat, &server_name); @@ -141,10 +140,10 @@ server_acquire_creds(service_name, server_creds) * * Arguments: * - * s (r) an established TCP connection to the client - * service_creds (r) server credentials, from gss_acquire_cred - * context (w) the established GSS-API context - * client_name (w) the client's ASCII name + * s (r) an established TCP connection to the client + * service_creds (r) server credentials, from gss_acquire_cred + * context (w) the established GSS-API context + * client_name (w) the client's ASCII name * * Returns: 0 on success, -1 on failure * @@ -156,12 +155,9 @@ server_acquire_creds(service_name, server_creds) * message is displayed and -1 is returned. */ static int -server_establish_context(s, server_creds, context, client_name, ret_flags) - int s; - gss_cred_id_t server_creds; - gss_ctx_id_t *context; - gss_buffer_t client_name; - OM_uint32 *ret_flags; +server_establish_context(int s, gss_cred_id_t server_creds, + gss_ctx_id_t *context, gss_buffer_t client_name, + OM_uint32 *ret_flags) { gss_buffer_desc send_tok, recv_tok; gss_name_t client; @@ -171,104 +167,109 @@ server_establish_context(s, server_creds, context, client_name, ret_flags) int token_flags; if (recv_token(s, &token_flags, &recv_tok) < 0) - return -1; + return -1; if (recv_tok.value) { - free(recv_tok.value); - recv_tok.value = NULL; + free(recv_tok.value); + recv_tok.value = NULL; } if (!(token_flags & TOKEN_NOOP)) { - if (logfile) - fprintf(logfile, "Expected NOOP token, got %d token instead\n", - token_flags); - return -1; + if (logfile) + fprintf(logfile, "Expected NOOP token, got %d token instead\n", + token_flags); + return -1; } *context = GSS_C_NO_CONTEXT; if (token_flags & TOKEN_CONTEXT_NEXT) { - do { - if (recv_token(s, &token_flags, &recv_tok) < 0) - return -1; - - if (verbose && logfile) { - fprintf(logfile, "Received token (size=%d): \n", - (int) recv_tok.length); - print_token(&recv_tok); - } - - maj_stat = gss_accept_sec_context(&acc_sec_min_stat, context, server_creds, &recv_tok, GSS_C_NO_CHANNEL_BINDINGS, &client, &doid, &send_tok, ret_flags, NULL, /* ignore time_rec */ - NULL); /* ignore del_cred_handle */ - - if (recv_tok.value) { - free(recv_tok.value); - recv_tok.value = NULL; - } - - if (send_tok.length != 0) { - if (verbose && logfile) { - fprintf(logfile, - "Sending accept_sec_context token (size=%d):\n", - (int) send_tok.length); - print_token(&send_tok); - } - if (send_token(s, TOKEN_CONTEXT, &send_tok) < 0) { - if (logfile) - fprintf(logfile, "failure sending token\n"); - return -1; - } - - (void) gss_release_buffer(&min_stat, &send_tok); - } - if (maj_stat != GSS_S_COMPLETE - && maj_stat != GSS_S_CONTINUE_NEEDED) { - display_status("accepting context", maj_stat, - acc_sec_min_stat); - if (*context != GSS_C_NO_CONTEXT) - gss_delete_sec_context(&min_stat, context, - GSS_C_NO_BUFFER); - return -1; - } - - if (verbose && logfile) { - if (maj_stat == GSS_S_CONTINUE_NEEDED) - fprintf(logfile, "continue needed...\n"); - else - fprintf(logfile, "\n"); - fflush(logfile); - } - } while (maj_stat == GSS_S_CONTINUE_NEEDED); - - /* display the flags */ - display_ctx_flags(*ret_flags); - - if (verbose && logfile) { - maj_stat = gss_oid_to_str(&min_stat, doid, &oid_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("converting oid->string", maj_stat, min_stat); - return -1; - } - fprintf(logfile, "Accepted connection using mechanism OID %.*s.\n", - (int) oid_name.length, (char *) oid_name.value); - (void) gss_release_buffer(&min_stat, &oid_name); - } - - maj_stat = gss_display_name(&min_stat, client, client_name, &doid); - if (maj_stat != GSS_S_COMPLETE) { - display_status("displaying name", maj_stat, min_stat); - return -1; - } - maj_stat = gss_release_name(&min_stat, &client); - if (maj_stat != GSS_S_COMPLETE) { - display_status("releasing name", maj_stat, min_stat); - return -1; - } + do { + if (recv_token(s, &token_flags, &recv_tok) < 0) + return -1; + + if (verbose && logfile) { + fprintf(logfile, "Received token (size=%d): \n", + (int) recv_tok.length); + print_token(&recv_tok); + } + + maj_stat = gss_accept_sec_context(&acc_sec_min_stat, context, + server_creds, &recv_tok, + GSS_C_NO_CHANNEL_BINDINGS, + &client, &doid, &send_tok, + ret_flags, + NULL, /* time_rec */ + NULL); /* del_cred_handle */ + + if (recv_tok.value) { + free(recv_tok.value); + recv_tok.value = NULL; + } + + if (send_tok.length != 0) { + if (verbose && logfile) { + fprintf(logfile, + "Sending accept_sec_context token (size=%d):\n", + (int) send_tok.length); + print_token(&send_tok); + } + if (send_token(s, TOKEN_CONTEXT, &send_tok) < 0) { + if (logfile) + fprintf(logfile, "failure sending token\n"); + return -1; + } + + (void) gss_release_buffer(&min_stat, &send_tok); + } + if (maj_stat != GSS_S_COMPLETE + && maj_stat != GSS_S_CONTINUE_NEEDED) { + display_status("accepting context", maj_stat, + acc_sec_min_stat); + if (*context != GSS_C_NO_CONTEXT) + gss_delete_sec_context(&min_stat, context, + GSS_C_NO_BUFFER); + return -1; + } + + if (verbose && logfile) { + if (maj_stat == GSS_S_CONTINUE_NEEDED) + fprintf(logfile, "continue needed...\n"); + else + fprintf(logfile, "\n"); + fflush(logfile); + } + } while (maj_stat == GSS_S_CONTINUE_NEEDED); + + /* display the flags */ + display_ctx_flags(*ret_flags); + + if (verbose && logfile) { + maj_stat = gss_oid_to_str(&min_stat, doid, &oid_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("converting oid->string", maj_stat, min_stat); + return -1; + } + fprintf(logfile, "Accepted connection using mechanism OID %.*s.\n", + (int) oid_name.length, (char *) oid_name.value); + (void) gss_release_buffer(&min_stat, &oid_name); + } + + maj_stat = gss_display_name(&min_stat, client, client_name, &doid); + if (maj_stat != GSS_S_COMPLETE) { + display_status("displaying name", maj_stat, min_stat); + return -1; + } + maj_stat = gss_release_name(&min_stat, &client); + if (maj_stat != GSS_S_COMPLETE) { + display_status("releasing name", maj_stat, min_stat); + return -1; + } } else { - client_name->length = *ret_flags = 0; + client_name->length = *ret_flags = 0; - if (logfile) - fprintf(logfile, "Accepted unauthenticated connection.\n"); + if (logfile) + fprintf(logfile, "Accepted unauthenticated connection.\n"); } return 0; @@ -281,7 +282,7 @@ server_establish_context(s, server_creds, context, client_name, ret_flags) * * Arguments: * - * port (r) the port number on which to listen + * port (r) the port number on which to listen * * Returns: the listening socket file descriptor, or -1 on failure * @@ -291,8 +292,7 @@ server_establish_context(s, server_creds, context, client_name, ret_flags) * On error, an error message is displayed and -1 is returned. */ static int -create_socket(port) - u_short port; +create_socket(u_short port) { struct sockaddr_in saddr; int s; @@ -303,40 +303,38 @@ create_socket(port) saddr.sin_addr.s_addr = INADDR_ANY; if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { - perror("creating socket"); - return -1; + perror("creating socket"); + return -1; } /* Let the socket be reused right away */ (void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char *) &on, sizeof(on)); if (bind(s, (struct sockaddr *) &saddr, sizeof(saddr)) < 0) { - perror("binding socket"); - (void) close(s); - return -1; + perror("binding socket"); + (void) close(s); + return -1; } if (listen(s, 5) < 0) { - perror("listening on socket"); - (void) close(s); - return -1; + perror("listening on socket"); + (void) close(s); + return -1; } return s; } static float -timeval_subtract(tv1, tv2) - struct timeval *tv1, *tv2; +timeval_subtract(struct timeval *tv1, struct timeval *tv2) { return ((tv1->tv_sec - tv2->tv_sec) + - ((float) (tv1->tv_usec - tv2->tv_usec)) / 1000000); + ((float) (tv1->tv_usec - tv2->tv_usec)) / 1000000); } /* * Yes, yes, this isn't the best place for doing this test. * DO NOT REMOVE THIS UNTIL A BETTER TEST HAS BEEN WRITTEN, THOUGH. - * -TYT + * -TYT */ static int -test_import_export_context(context) - gss_ctx_id_t *context; +test_import_export_context(gss_ctx_id_t *context) { OM_uint32 min_stat, maj_stat; gss_buffer_desc context_token, copied_token; @@ -348,32 +346,32 @@ test_import_export_context(context) gettimeofday(&tm1, (struct timezone *) 0); maj_stat = gss_export_sec_context(&min_stat, context, &context_token); if (maj_stat != GSS_S_COMPLETE) { - display_status("exporting context", maj_stat, min_stat); - return 1; + display_status("exporting context", maj_stat, min_stat); + return 1; } gettimeofday(&tm2, (struct timezone *) 0); if (verbose && logfile) - fprintf(logfile, "Exported context: %d bytes, %7.4f seconds\n", - (int) context_token.length, timeval_subtract(&tm2, &tm1)); + fprintf(logfile, "Exported context: %d bytes, %7.4f seconds\n", + (int) context_token.length, timeval_subtract(&tm2, &tm1)); copied_token.length = context_token.length; copied_token.value = malloc(context_token.length); if (copied_token.value == 0) { - if (logfile) - fprintf(logfile, - "Couldn't allocate memory to copy context token.\n"); - return 1; + if (logfile) + fprintf(logfile, + "Couldn't allocate memory to copy context token.\n"); + return 1; } memcpy(copied_token.value, context_token.value, copied_token.length); maj_stat = gss_import_sec_context(&min_stat, &copied_token, context); if (maj_stat != GSS_S_COMPLETE) { - display_status("importing context", maj_stat, min_stat); - return 1; + display_status("importing context", maj_stat, min_stat); + return 1; } free(copied_token.value); gettimeofday(&tm1, (struct timezone *) 0); if (verbose && logfile) - fprintf(logfile, "Importing context: %7.4f seconds\n", - timeval_subtract(&tm1, &tm2)); + fprintf(logfile, "Importing context: %7.4f seconds\n", + timeval_subtract(&tm1, &tm2)); (void) gss_release_buffer(&min_stat, &context_token); return 0; } @@ -385,11 +383,11 @@ test_import_export_context(context) * * Arguments: * - * s (r) a TCP socket on which a connection has been - * accept()ed - * service_name (r) the ASCII name of the GSS-API service to - * establish a context as - * export (r) whether to test context exporting + * s (r) a TCP socket on which a connection has been + * accept()ed + * service_name (r) the ASCII name of the GSS-API service to + * establish a context as + * export (r) whether to test context exporting * * Returns: -1 on error * @@ -405,10 +403,7 @@ test_import_export_context(context) * If any error occurs, -1 is returned. */ static int -sign_server(s, server_creds, export) - int s; - gss_cred_id_t server_creds; - int export; +sign_server(int s, gss_cred_id_t server_creds, int export) { gss_buffer_desc client_name, xmit_buf, msg_buf; gss_ctx_id_t context; @@ -419,134 +414,134 @@ sign_server(s, server_creds, export) /* Establish a context with the client */ if (server_establish_context(s, server_creds, &context, - &client_name, &ret_flags) < 0) - return (-1); + &client_name, &ret_flags) < 0) + return (-1); if (context == GSS_C_NO_CONTEXT) { - printf("Accepted unauthenticated connection.\n"); + printf("Accepted unauthenticated connection.\n"); } else { - printf("Accepted connection: \"%.*s\"\n", - (int) client_name.length, (char *) client_name.value); - (void) gss_release_buffer(&min_stat, &client_name); - - if (export) { - for (i = 0; i < 3; i++) - if (test_import_export_context(&context)) - return -1; - } + printf("Accepted connection: \"%.*s\"\n", + (int) client_name.length, (char *) client_name.value); + (void) gss_release_buffer(&min_stat, &client_name); + + if (export) { + for (i = 0; i < 3; i++) + if (test_import_export_context(&context)) + return -1; + } } do { - /* Receive the message token */ - if (recv_token(s, &token_flags, &xmit_buf) < 0) - return (-1); - - if (token_flags & TOKEN_NOOP) { - if (logfile) - fprintf(logfile, "NOOP token\n"); - if (xmit_buf.value) { - free(xmit_buf.value); - xmit_buf.value = 0; - } - break; - } - - if (verbose && logfile) { - fprintf(logfile, "Message token (flags=%d):\n", token_flags); - print_token(&xmit_buf); - } - - if ((context == GSS_C_NO_CONTEXT) && - (token_flags & (TOKEN_WRAPPED | TOKEN_ENCRYPTED | TOKEN_SEND_MIC))) - { - if (logfile) - fprintf(logfile, - "Unauthenticated client requested authenticated services!\n"); - if (xmit_buf.value) { - free(xmit_buf.value); - xmit_buf.value = 0; - } - return (-1); - } - - if (token_flags & TOKEN_WRAPPED) { - maj_stat = gss_unwrap(&min_stat, context, &xmit_buf, &msg_buf, - &conf_state, (gss_qop_t *) NULL); - if (maj_stat != GSS_S_COMPLETE) { - display_status("unsealing message", maj_stat, min_stat); - if (xmit_buf.value) { - free(xmit_buf.value); - xmit_buf.value = 0; - } - return (-1); - } else if (!conf_state && (token_flags & TOKEN_ENCRYPTED)) { - fprintf(stderr, "Warning! Message not encrypted.\n"); - } - - if (xmit_buf.value) { - free(xmit_buf.value); - xmit_buf.value = 0; - } - } else { - msg_buf = xmit_buf; - } - - if (logfile) { - fprintf(logfile, "Received message: "); - cp = msg_buf.value; - if ((isprint((int) cp[0]) || isspace((int) cp[0])) && - (isprint((int) cp[1]) || isspace((int) cp[1]))) { - fprintf(logfile, "\"%.*s\"\n", (int) msg_buf.length, - (char *) msg_buf.value); - } else { - fprintf(logfile, "\n"); - print_token(&msg_buf); - } - } - - if (token_flags & TOKEN_SEND_MIC) { - /* Produce a signature block for the message */ - maj_stat = gss_get_mic(&min_stat, context, GSS_C_QOP_DEFAULT, - &msg_buf, &xmit_buf); - if (maj_stat != GSS_S_COMPLETE) { - display_status("signing message", maj_stat, min_stat); - return (-1); - } - - if (msg_buf.value) { - free(msg_buf.value); - msg_buf.value = 0; - } - - /* Send the signature block to the client */ - if (send_token(s, TOKEN_MIC, &xmit_buf) < 0) - return (-1); - - if (xmit_buf.value) { - free(xmit_buf.value); - xmit_buf.value = 0; - } - } else { - if (msg_buf.value) { - free(msg_buf.value); - msg_buf.value = 0; - } - if (send_token(s, TOKEN_NOOP, empty_token) < 0) - return (-1); - } + /* Receive the message token */ + if (recv_token(s, &token_flags, &xmit_buf) < 0) + return (-1); + + if (token_flags & TOKEN_NOOP) { + if (logfile) + fprintf(logfile, "NOOP token\n"); + if (xmit_buf.value) { + free(xmit_buf.value); + xmit_buf.value = 0; + } + break; + } + + if (verbose && logfile) { + fprintf(logfile, "Message token (flags=%d):\n", token_flags); + print_token(&xmit_buf); + } + + if ((context == GSS_C_NO_CONTEXT) && + (token_flags & (TOKEN_WRAPPED | TOKEN_ENCRYPTED | TOKEN_SEND_MIC))) + { + if (logfile) + fprintf(logfile, + "Unauthenticated client requested authenticated services!\n"); + if (xmit_buf.value) { + free(xmit_buf.value); + xmit_buf.value = 0; + } + return (-1); + } + + if (token_flags & TOKEN_WRAPPED) { + maj_stat = gss_unwrap(&min_stat, context, &xmit_buf, &msg_buf, + &conf_state, (gss_qop_t *) NULL); + if (maj_stat != GSS_S_COMPLETE) { + display_status("unsealing message", maj_stat, min_stat); + if (xmit_buf.value) { + free(xmit_buf.value); + xmit_buf.value = 0; + } + return (-1); + } else if (!conf_state && (token_flags & TOKEN_ENCRYPTED)) { + fprintf(stderr, "Warning! Message not encrypted.\n"); + } + + if (xmit_buf.value) { + free(xmit_buf.value); + xmit_buf.value = 0; + } + } else { + msg_buf = xmit_buf; + } + + if (logfile) { + fprintf(logfile, "Received message: "); + cp = msg_buf.value; + if ((isprint((int) cp[0]) || isspace((int) cp[0])) && + (isprint((int) cp[1]) || isspace((int) cp[1]))) { + fprintf(logfile, "\"%.*s\"\n", (int) msg_buf.length, + (char *) msg_buf.value); + } else { + fprintf(logfile, "\n"); + print_token(&msg_buf); + } + } + + if (token_flags & TOKEN_SEND_MIC) { + /* Produce a signature block for the message */ + maj_stat = gss_get_mic(&min_stat, context, GSS_C_QOP_DEFAULT, + &msg_buf, &xmit_buf); + if (maj_stat != GSS_S_COMPLETE) { + display_status("signing message", maj_stat, min_stat); + return (-1); + } + + if (msg_buf.value) { + free(msg_buf.value); + msg_buf.value = 0; + } + + /* Send the signature block to the client */ + if (send_token(s, TOKEN_MIC, &xmit_buf) < 0) + return (-1); + + if (xmit_buf.value) { + free(xmit_buf.value); + xmit_buf.value = 0; + } + } else { + if (msg_buf.value) { + free(msg_buf.value); + msg_buf.value = 0; + } + if (send_token(s, TOKEN_NOOP, empty_token) < 0) + return (-1); + } } while (1 /* loop will break if NOOP received */ ); if (context != GSS_C_NO_CONTEXT) { - /* Delete context */ - maj_stat = gss_delete_sec_context(&min_stat, &context, NULL); - if (maj_stat != GSS_S_COMPLETE) { - display_status("deleting context", maj_stat, min_stat); - return (-1); - } + /* Delete context */ + maj_stat = gss_delete_sec_context(&min_stat, &context, NULL); + if (maj_stat != GSS_S_COMPLETE) { + display_status("deleting context", maj_stat, min_stat); + return (-1); + } } if (logfile) - fflush(logfile); + fflush(logfile); return (0); } @@ -576,23 +571,23 @@ BOOL WaitAndIncrementThreadCounter(void) { for (;;) { - if (WaitForSingleObject(hMutex, INFINITE) == WAIT_OBJECT_0) { - if (thread_count < max_threads) { - thread_count++; - ReleaseMutex(hMutex); - return TRUE; - } else { - ReleaseMutex(hMutex); - - if (WaitForSingleObject(hEvent, INFINITE) == WAIT_OBJECT_0) { - continue; - } else { - return FALSE; - } - } - } else { - return FALSE; - } + if (WaitForSingleObject(hMutex, INFINITE) == WAIT_OBJECT_0) { + if (thread_count < max_threads) { + thread_count++; + ReleaseMutex(hMutex); + return TRUE; + } else { + ReleaseMutex(hMutex); + + if (WaitForSingleObject(hEvent, INFINITE) == WAIT_OBJECT_0) { + continue; + } else { + return FALSE; + } + } + } else { + return FALSE; + } } } @@ -600,13 +595,13 @@ BOOL DecrementAndSignalThreadCounter(void) { if (WaitForSingleObject(hMutex, INFINITE) == WAIT_OBJECT_0) { - if (thread_count == max_threads) - ResetEvent(hEvent); - thread_count--; - ReleaseMutex(hMutex); - return TRUE; + if (thread_count == max_threads) + ResetEvent(hEvent); + thread_count--; + ReleaseMutex(hMutex); + return TRUE; } else { - return FALSE; + return FALSE; } } #endif @@ -632,14 +627,12 @@ worker_bee(void *param) #ifdef _WIN32 if (max_threads > 1) - DecrementAndSignalThreadCounter(); + DecrementAndSignalThreadCounter(); #endif } int -main(argc, argv) - int argc; - char **argv; +main(int argc, char **argv) { char *service_name; gss_cred_id_t server_creds; @@ -654,69 +647,69 @@ main(argc, argv) argc--; argv++; while (argc) { - if (strcmp(*argv, "-port") == 0) { - argc--; - argv++; - if (!argc) - usage(); - port = atoi(*argv); - } + if (strcmp(*argv, "-port") == 0) { + argc--; + argv++; + if (!argc) + usage(); + port = atoi(*argv); + } #ifdef _WIN32 - else if (strcmp(*argv, "-threads") == 0) { - argc--; - argv++; - if (!argc) - usage(); - max_threads = atoi(*argv); - } + else if (strcmp(*argv, "-threads") == 0) { + argc--; + argv++; + if (!argc) + usage(); + max_threads = atoi(*argv); + } #endif - else if (strcmp(*argv, "-verbose") == 0) { - verbose = 1; - } else if (strcmp(*argv, "-once") == 0) { - once = 1; - } else if (strcmp(*argv, "-inetd") == 0) { - do_inetd = 1; - } else if (strcmp(*argv, "-export") == 0) { - export = 1; - } else if (strcmp(*argv, "-logfile") == 0) { - argc--; - argv++; - if (!argc) - usage(); - /* Gross hack, but it makes it unnecessary to add an - * extra argument to disable logging, and makes the code - * more efficient because it doesn't actually write data - * to /dev/null. */ - if (!strcmp(*argv, "/dev/null")) { - logfile = display_file = NULL; - } else { - logfile = fopen(*argv, "a"); - display_file = logfile; - if (!logfile) { - perror(*argv); - exit(1); - } - } - } else - break; - argc--; - argv++; + else if (strcmp(*argv, "-verbose") == 0) { + verbose = 1; + } else if (strcmp(*argv, "-once") == 0) { + once = 1; + } else if (strcmp(*argv, "-inetd") == 0) { + do_inetd = 1; + } else if (strcmp(*argv, "-export") == 0) { + export = 1; + } else if (strcmp(*argv, "-logfile") == 0) { + argc--; + argv++; + if (!argc) + usage(); + /* Gross hack, but it makes it unnecessary to add an + * extra argument to disable logging, and makes the code + * more efficient because it doesn't actually write data + * to /dev/null. */ + if (!strcmp(*argv, "/dev/null")) { + logfile = display_file = NULL; + } else { + logfile = fopen(*argv, "a"); + display_file = logfile; + if (!logfile) { + perror(*argv); + exit(1); + } + } + } else + break; + argc--; + argv++; } if (argc != 1) - usage(); + usage(); if ((*argv)[0] == '-') - usage(); + usage(); #ifdef _WIN32 if (max_threads < 1) { - fprintf(stderr, "warning: there must be at least one thread\n"); - max_threads = 1; + fprintf(stderr, "warning: there must be at least one thread\n"); + max_threads = 1; } if (max_threads > 1 && do_inetd) - fprintf(stderr, - "warning: one thread may be used in conjunction with inetd\n"); + fprintf(stderr, + "warning: one thread may be used in conjunction with inetd\n"); InitHandles(); #endif @@ -724,63 +717,63 @@ main(argc, argv) service_name = *argv; if (server_acquire_creds(service_name, &server_creds) < 0) - return -1; + return -1; if (do_inetd) { - close(1); - close(2); + close(1); + close(2); - sign_server(0, server_creds, export); - close(0); + sign_server(0, server_creds, export); + close(0); } else { - int stmp; + int stmp; - if ((stmp = create_socket(port)) >= 0) { - if (listen(stmp, max_threads == 1 ? 0 : max_threads) < 0) - perror("listening on socket"); + if ((stmp = create_socket(port)) >= 0) { + if (listen(stmp, max_threads == 1 ? 0 : max_threads) < 0) + perror("listening on socket"); - do { - struct _work_plan *work = malloc(sizeof(struct _work_plan)); + do { + struct _work_plan *work = malloc(sizeof(struct _work_plan)); - if (work == NULL) { - fprintf(stderr, "fatal error: out of memory"); - break; - } + if (work == NULL) { + fprintf(stderr, "fatal error: out of memory"); + break; + } - /* Accept a TCP connection */ - if ((work->s = accept(stmp, NULL, 0)) < 0) { - perror("accepting connection"); - continue; - } + /* Accept a TCP connection */ + if ((work->s = accept(stmp, NULL, 0)) < 0) { + perror("accepting connection"); + continue; + } - work->server_creds = server_creds; - work->export = export; + work->server_creds = server_creds; + work->export = export; - if (max_threads == 1) { - worker_bee((void *) work); - } + if (max_threads == 1) { + worker_bee((void *) work); + } #ifdef _WIN32 - else { - if (WaitAndIncrementThreadCounter()) { - uintptr_t handle = - _beginthread(worker_bee, 0, (void *) work); - if (handle == (uintptr_t) - 1) { - closesocket(work->s); - free(work); - } - } else { - fprintf(stderr, - "fatal error incrementing thread counter"); - closesocket(work->s); - free(work); - break; - } - } + else { + if (WaitAndIncrementThreadCounter()) { + uintptr_t handle = + _beginthread(worker_bee, 0, (void *) work); + if (handle == (uintptr_t) - 1) { + closesocket(work->s); + free(work); + } + } else { + fprintf(stderr, + "fatal error incrementing thread counter"); + closesocket(work->s); + free(work); + break; + } + } #endif - } while (!once); + } while (!once); - closesocket(stmp); - } + closesocket(stmp); + } } (void) gss_release_cred(&min_stat, &server_creds); |