Changeset 8358

Timestamp:

06/04/10 15:26:25 (3 years ago)

Author:

nlmills

Message:

added utility function to refresh credentials for long operations

Location:

branches/cu-security-branch

Files:

• include/pvfs2-util.h (modified) (1 diff)
• src/apps/admin/pvfs2-cp.c (modified) (3 diffs)
• src/apps/admin/pvfs2-fs-dump.c (modified) (8 diffs)
• src/apps/admin/pvfs2-fsck.c (modified) (10 diffs)
• src/apps/admin/pvfs2-perf-mon-example.c (modified) (2 diffs)
• src/common/misc/pvfs2-util.c (modified) (1 diff)

branches/cu-security-branch/include/pvfs2-util.h

@@ -47 +47 @@
 int PVFS_util_gen_credential(const char *user, unsigned int timeout,
     const char *keypath, PVFS_credential *cred);
+int PVFS_util_refresh_credential(PVFS_credential *cred);
 
 int PVFS_util_copy_sys_attr(

branches/cu-security-branch/src/apps/admin/pvfs2-cp.c

@@ -149 +149 @@
     resolve_filename(&dest, user_opts->destfile);
 
-    /* nlmills: TODO: find a better way to handle timeouts */
-    ret = PVFS_util_gen_credential(NULL, 5*60*60, NULL, &credentials);
+    ret = PVFS_util_gen_credential_defaults(&credentials);    
     if (ret < 0)
     {
@@ -344 +343 @@
             return (ret);
         }
+        PVFS_util_refresh_credential(credentials);
         ret = PVFS_sys_read(src->u.pvfs2.ref, file_req, offset,
                 buffer, mem_req, credentials, &resp_io, hints);
@@ -376 +376 @@
             return(ret);
         }
+        PVFS_util_refresh_credential(credentials);
         ret = PVFS_sys_write(dest->u.pvfs2.ref, file_req, offset,
                 buffer, mem_req, credentials, &resp_io, hints);

branches/cu-security-branch/src/apps/admin/pvfs2-fs-dump.c

@@ -139 +139 @@
     }
 
-    /* nlmills: TODO: find a better way to handle credential timeouts */
-    ret = PVFS_util_gen_credential(NULL, 5*60*60, NULL, &creds);
+    ret = PVFS_util_gen_credential_defaults(&creds);
     if (ret < 0)
     {
-        PVFS_perror("PVFS_util_gen_credential", ret);
+        PVFS_perror("PVFS_util_gen_credential_defaults", ret);
         return(-1);
     }
@@ -256 +255 @@
     struct PVFS_mgmt_server_stat *stat_array;
     struct PVFS_mgmt_setparam_value param_value;
+
+    PVFS_util_refresh_credential(creds);
 
     /* find out how many handles are in use on each */
@@ -359 +360 @@
     do
     {
-        ret = PVFS_mgmt_iterate_handles_list(cur_fs,
+        PVFS_util_refresh_credential(creds);
+        ret = PVFS_mgmt_iterate_handles_list(cur_fs,
                                              creds,
                                              handle_matrix,
@@ -454 +456 @@
     PVFS_object_ref pref;
 
+    PVFS_util_refresh_credential(creds);
+
     PVFS_sys_lookup(cur_fs, "/", creds,
                     &lookup_resp, PVFS2_LOOKUP_LINK_NO_FOLLOW, NULL);
@@ -506 +510 @@
     token = 0;
     do {
+        PVFS_util_refresh_credential(creds);
+        
         memset(&readdir_resp, 0, sizeof(PVFS_sysresp_readdir));
         ret = PVFS_sys_readdir(pref,
@@ -518 +524 @@
             char *cur_file;
             PVFS_handle cur_handle;
+
+            PVFS_util_refresh_credential(creds);
 
             cur_handle = readdir_resp.dirent_array[i].handle;
@@ -600 +608 @@
     PVFS_handle *df_handles;
 
+    PVFS_util_refresh_credential(creds);
+
     df_handles = (PVFS_handle *) malloc(df_count * sizeof(PVFS_handle));
     if (df_handles == NULL)
@@ -654 +664 @@
         PVFS_object_ref entry_ref;
         char* fmt_string;
+
+        PVFS_util_refresh_credential(creds);
 
         entry_ref.handle = handle;

branches/cu-security-branch/src/apps/admin/pvfs2-fsck.c

@@ -82 +82 @@
     }
 
-    /* nlmills: TODO: find a better way to handle credential timeouts */
-    ret = PVFS_util_gen_credential(NULL, 5*60*60, NULL, &creds);
+    ret = PVFS_util_gen_credential_defaults(&creds);
     if (ret < 0)
     {
-        PVFS_perror("PVFS_util_gen_credential", ret);
+        PVFS_perror("PVFS_util_gen_credential_defaults", ret);
         return -1;
     }
@@ -189 +188 @@
     handlelist_finalize(&hl_all);
 
+    PVFS_util_refresh_credential(&creds);
+
     param_value.type = PVFS_MGMT_PARAM_TYPE_UINT64;
     param_value.u.value = PVFS_SERVER_NORMAL_MODE;
@@ -225 +226 @@
 
  exit_now:
+    PVFS_util_refresh_credential(&creds);
+
     if (in_admin_mode) {
 
@@ -264 +267 @@
     struct PVFS_mgmt_setparam_value param_value;
 
+    PVFS_util_refresh_credential(creds);
+
     /* find out how many handles are in use on each */
     stat_array = (struct PVFS_mgmt_server_stat *)
@@ -368 +373 @@
     while (more_flag)
     {
+        PVFS_util_refresh_credential(creds);
+
         ret = PVFS_mgmt_iterate_handles_list(cur_fs,
                                              creds,
@@ -452 +459 @@
     while (more_flag)
     {
+        PVFS_util_refresh_credential(creds);
+
         ret = PVFS_mgmt_iterate_handles_list(cur_fs,
                                              creds,
@@ -534 +543 @@
     PVFS_sysresp_getattr getattr_resp;
     PVFS_object_ref pref;
+
+    PVFS_util_refresh_credential(creds);
 
     ret = PVFS_sys_lookup(cur_fs,
@@ -889 +900 @@
         PVFS_sysresp_getattr getattr_resp;
 
+        PVFS_util_refresh_credential(creds);
+
         handle_ref.handle = handle;
         handle_ref.fs_id  = cur_fs;
@@ -969 +982 @@
         PVFS_object_ref handle_ref;
         PVFS_sysresp_getattr getattr_resp;
+
+        PVFS_util_refresh_credential(creds);
 
         handle_ref.handle = handle;
@@ -1080 +1095 @@
         PVFS_object_ref handle_ref;
         PVFS_sysresp_getattr getattr_resp;
+
+        PVFS_util_refresh_credential(creds);
 
         handle_ref.handle = handle;

branches/cu-security-branch/src/apps/admin/pvfs2-perf-mon-example.c

@@ -79 +79 @@
     }
 
-    /* nlmills: TODO: find a better way to handle credential timeouts */
     ret = PVFS_util_gen_credential(NULL, 1*60*60, NULL, &creds);
     if (ret < 0)
@@ -155 +154 @@
     while (1)
     {
+        PVFS_util_refresh_credential(&creds);
         ret = PVFS_mgmt_perf_mon_list(cur_fs,
                                       &creds,

branches/cu-security-branch/src/common/misc/pvfs2-util.c

@@ -269 +269 @@
     close(filedes[0]);
     sigaction(SIGCLD, &oldsa, NULL);
+
+    return ret;
+}
+
+int PVFS_util_refresh_credential(PVFS_credential *cred)
+{
+    int ret;
+
+    /* =if the credential is valid for at least a minute */
+    if (PINT_util_get_current_time() <= cred->timeout - 60)
+    {
+        ret = 0;
+    }
+    else
+    {
+        PINT_cleanup_credential(cred);
+        ret = PVFS_util_gen_credential_defaults(cred);
+    }
 
     return ret;