Introduce an accessor function for the fn_sectype field. This will allow further API simplification.
Signed-off-by: Chuck Lever <[email protected]>
---
 src/fedfsd/svc.c | 21 +++++++++++++++----
 src/include/nsdb.h | 2 ++
 src/libnsdb/nsdb.c | 13 +++++++++++-
 src/nsdbparams/show.c | 53 ++++++++++++++++++++++++++++++++-----------------
 4 files changed, 65 insertions(+), 24 deletions(-)
diff --git a/src/fedfsd/svc.c b/src/fedfsd/svc.c
index e26da13..93b110b 100644
--- a/src/fedfsd/svc.c
+++ b/src/fedfsd/svc.c
@@ -1078,7 +1078,6 @@ static void
 fedfsd_svc_get_limited_nsdb_params_1(SVCXPRT *xprt)
 {
 FedFsGetLimitedNsdbParamsRes result;
- struct fedfs_secdata secdata;
 char *hostname = NULL;
 unsigned short port;
 FedFsNsdbName args;
@@ -1097,10 +1096,22 @@ fedfsd_svc_get_limited_nsdb_params_1(SVCXPRT *xprt)
 if (result.status != FEDFS_OK)
 goto out;
- result.status = nsdb_lookup_nsdb(hostname, port, &host, &secdata);
- if (result.status == FEDFS_OK)
- result.FedFsGetLimitedNsdbParamsRes_u.secType =
- (FedFsConnectionSec)secdata.type;
+ result.status = nsdb_lookup_nsdb(hostname, port, &host, NULL);
+ if (result.status != FEDFS_OK)
+ goto out;
+
+ switch (nsdb_sectype(host)) {
+ case FEDFS_SEC_NONE:
+ case FEDFS_SEC_TLS:
+ result.status = FEDFS_OK;
+ result.FedFsGetLimitedNsdbParamsRes_u.secType = nsdb_sectype(host);
+ break;
+ default:
+ result.status = FEDFS_ERR_SVRFAULT;
+ xlog(L_WARNING, "Unrecognized NSDB connection security "
+ "type for %s:%u", hostname, port);
+ }
+
 nsdb_free_nsdb(host);
 free(hostname);
diff --git a/src/include/nsdb.h b/src/include/nsdb.h
index 46f87ee..2612263 100644
--- a/src/include/nsdb.h
+++ b/src/include/nsdb.h
@@ -242,6 +242,8 @@ void nsdb_free_nsdb(nsdb_t host);
 const char *nsdb_hostname(const nsdb_t host);
 size_t nsdb_hostname_len(const nsdb_t host);
 unsigned short nsdb_port(const nsdb_t host);
+FedFsConnectionSec
+ nsdb_sectype(const nsdb_t host);
 const char *nsdb_certfile(const nsdb_t host);
 const char *nsdb_default_binddn(const nsdb_t host);
 const char *nsdb_default_nce(const nsdb_t host);
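Review bot: In src/fedfsd/svc.c, the new `goto out;` taken when nsdb_lookup_nsdb() fails in fedfsd_svc_get_limited_nsdb_params_1() appears to skip `free(hostname);`, which the old code reached on every path through this hunk. The `out:` label lies outside the hunk, so this is inferred, but if it sits below the two frees then every failed lookup leaks the hostname string, and in an RPC handler repeated requests for unknown NSDBs would steadily grow the daemon's memory. Calling `free(hostname);` before the new `goto out;` (inside braces), or jumping to a separate label placed just above `free(hostname);`, would close that path. The `result.status = FEDFS_OK;` assignment in the NONE/TLS case is redundant, since the status is already FEDFS_OK at that point.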
diff --git a/src/libnsdb/nsdb.c b/src/libnsdb/nsdb.c
index dcea59e..c854995 100644
--- a/src/libnsdb/nsdb.c
+++ b/src/libnsdb/nsdb.c
@@ -292,6 +292,17 @@ unsigned short nsdb_port(const nsdb_t host)
 }
 /**
+ * Return nsdb_t's NSDB connection security type
+ *
+ * @param host pointer to initialized nsdb_t struct
+ * @return NSDB's port number
+ */
+FedFsConnectionSec nsdb_sectype(const nsdb_t host)
+{
+ return (FedFsConnectionSec)host->fn_sectype;
+}
+
+/**
 * Return filename containing nsdb_t's certificate
 *
 * @param host pointer to initialized nsdb_t
@@ -1568,7 +1579,7 @@ nsdb_open_nsdb(nsdb_t host, const char *binddn, const char *passwd,
 if (retval != FEDFS_OK)
 return retval;
- switch (host->fn_sectype) {
+ switch (nsdb_sectype(host)) {
 case FEDFS_SEC_NONE:
 break;
 case FEDFS_SEC_TLS:
diff --git a/src/nsdbparams/show.c b/src/nsdbparams/show.c
index d95f61c..ee70cdc 100644
--- a/src/nsdbparams/show.c
+++ b/src/nsdbparams/show.c
@@ -78,6 +78,38 @@ nsdbparams_show_usage(const char *progname)
 }
 /**
+ * Display NSDB connection parameters for "host"
+ *
+ * @param host initialized nsdb_t
+ */
+static void
+nsdbparams_show_display(nsdb_t host)
+{
+ char *c;
+
+ printf("%s:%u:\n", nsdb_hostname(host), nsdb_port(host));
+ switch (nsdb_sectype(host)) {
+ case FEDFS_SEC_NONE:
+ printf("\tconnection security: NONE\n");
+ break;
+ case FEDFS_SEC_TLS:
+ printf("\tconnection security: TLS\n");
+ printf("\tcertificate file: %s\n", nsdb_certfile(host));
+ break;
+ default:
+ printf("\tconnection security: unrecognized\n");
+ }
+ printf("\tfollow referrals: %s\n",
+ nsdb_follow_referrals(host) ? "yes" : "no");
+ c = (char *)nsdb_default_binddn(host);
+ if (c != NULL)
+ printf("\tdefault bind DN: %s\n", c);
+ c = (char *)nsdb_default_nce(host);
+ if (c != NULL)
+ printf("\tdefault NCE: %s\n", c);
+}
+
+/**
 * Show one NSDB entry in our NSDB connection parameter database
 *
 * @param progname NUL-terminated UTF-8 string containing name of this program
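Review bot: The doc comment added for nsdb_sectype() in src/libnsdb/nsdb.c says `@return NSDB's port number`, which looks copied from nsdb_port(); it should read ` * @return NSDB's connection security type`. The accessor casts host->fn_sectype to FedFsConnectionSec without range-checking it, so the comment is also the place to state that callers must handle values other than FEDFS_SEC_NONE and FEDFS_SEC_TLS, as the new switches in svc.c and show.c do.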
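Review bot: In nsdbparams_show_display() in src/nsdbparams/show.c, the TLS branch passes nsdb_certfile(host) straight to a `%s` conversion, while the bind DN and NCE accessors a few lines later are NULL-checked before printing. Whether nsdb_certfile() can return NULL for a TLS entry is not visible here; if it can, that printf is undefined behaviour. Following the same pattern would be safer: `c = nsdb_certfile(host);` followed by `if (c != NULL)` guarding the certificate-file printf. Declaring the local as `const char *c;` would also remove the `(char *)` casts that discard const from the accessor results.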
@@ -89,10 +121,7 @@ int
 nsdbparams_show(const char *progname, int argc, char **argv)
 {
 unsigned short nsdbport = LDAP_PORT;
- struct fedfs_secdata secdata = {
- .type = 0,
- };
- char *c, *nsdbname, *endptr;
+ char *nsdbname, *endptr;
 FedFsStatus status;
 unsigned long tmp;
 struct passwd *pw;
@@ -207,23 +236,11 @@ nsdbparams_show(const char *progname, int argc, char **argv)
 return EXIT_FAILURE;
 }
- status = nsdb_lookup_nsdb(nsdbname, nsdbport, &host, &secdata);
+ status = nsdb_lookup_nsdb(nsdbname, nsdbport, &host, NULL);
 switch (status) {
 case FEDFS_OK:
- printf("%s:%u:\n", nsdbname, nsdbport);
- printf("\tconnection security: %s\n",
- nsdb_display_fedfsconnectionsec(secdata.type));
- printf("\tfollow referrals: %s\n",
- nsdb_follow_referrals(host) ? "yes" : "no");
- c = (char *)nsdb_default_binddn(host);
- if (c != NULL)
- printf("\tdefault bind DN: %s\n", c);
- c = (char *)nsdb_default_nce(host);
- if (c != NULL)
- printf("\tdefault NCE: %s\n", c);
+ nsdbparams_show_display(host);
 nsdb_free_nsdb(host);
- if (secdata.type != FEDFS_SEC_NONE)
- printf("secdata:\n%s\n", secdata.data);
 break;
 case FEDFS_ERR_NSDB_PARAMS:
 xlog(L_ERROR, "No record for %s was found", nsdbname);
_______________________________________________
fedfs-utils-devel mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel
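Review bot: Both this call in nsdbparams_show() and the one in src/fedfsd/svc.c now pass NULL as the fourth argument of nsdb_lookup_nsdb(), and no hunk in this patch changes that function. Unless it already tolerates a NULL secdata pointer, a successful lookup would dereference NULL; this is worth confirming, and its header comment should state that the argument is optional. This hunk also drops the old `secdata:` output without a mention in the commit message, so a line there saying the certificate data is no longer printed would help anyone who parses the tool's output. The body of nsdbparams_show() continues outside the hunk.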
