diff --git a/src/broker/broker.c b/src/broker/broker.c index 5244bae8e15c..939ab6bcb556 100644 --- a/src/broker/broker.c +++ b/src/broker/broker.c @@ -104,7 +104,7 @@ typedef struct { /* 0MQ */ zctx_t *zctx; /* zeromq context (MT-safe) */ - flux_sec_t sec; /* security context (MT-safe) */ + flux_sec_t *sec; /* security context (MT-safe) */ /* Reactor */ diff --git a/src/broker/overlay.c b/src/broker/overlay.c index eb8b737c194d..395e60363543 100644 --- a/src/broker/overlay.c +++ b/src/broker/overlay.c @@ -45,7 +45,7 @@ struct endpoint { struct overlay_struct { zctx_t *zctx; - flux_sec_t sec; + flux_sec_t *sec; flux_t h; zhash_t *children; /* child_t - by uuid */ flux_msg_handler_t *heartbeat; @@ -150,7 +150,7 @@ void overlay_set_zctx (overlay_t *ov, zctx_t *zctx) ov->zctx = zctx; } -void overlay_set_sec (overlay_t *ov, flux_sec_t sec) +void overlay_set_sec (overlay_t *ov, flux_sec_t *sec) { ov->sec = sec; } diff --git a/src/broker/overlay.h b/src/broker/overlay.h index f6bbd3814582..1235a8ad2ba3 100644 --- a/src/broker/overlay.h +++ b/src/broker/overlay.h @@ -9,7 +9,7 @@ void overlay_destroy (overlay_t *ov); /* These need to be set before connect/bind. */ -void overlay_set_sec (overlay_t *ov, flux_sec_t sec); +void overlay_set_sec (overlay_t *ov, flux_sec_t *sec); void overlay_set_zctx (overlay_t *ov, zctx_t *zctx); void overlay_set_rank (overlay_t *ov, uint32_t rank); void overlay_set_flux (overlay_t *ov, flux_t h); diff --git a/src/broker/snoop.c b/src/broker/snoop.c index 9812ec56ad3a..c53ef2b72240 100644 --- a/src/broker/snoop.c +++ b/src/broker/snoop.c @@ -38,7 +38,7 @@ #include "snoop.h" struct snoop_struct { - flux_sec_t sec; + flux_sec_t *sec; zctx_t *zctx; char *uri; void *zs; @@ -59,7 +59,7 @@ void snoop_destroy (snoop_t *sn) } } -void snoop_set_sec (snoop_t *sn, flux_sec_t sec) +void snoop_set_sec (snoop_t *sn, flux_sec_t *sec) { sn->sec = sec; } diff --git a/src/broker/snoop.h b/src/broker/snoop.h index 5f0cca3aa09a..0436436b1b9f 100644 --- a/src/broker/snoop.h +++ b/src/broker/snoop.h @@ -26,7 +26,7 @@ typedef struct snoop_struct snoop_t; snoop_t *snoop_create (void); void snoop_destroy (snoop_t *sn); -void snoop_set_sec (snoop_t *sn, flux_sec_t sec); +void snoop_set_sec (snoop_t *sn, flux_sec_t *sec); void snoop_set_zctx (snoop_t *sn, zctx_t *zctx); void snoop_set_uri (snoop_t *sn, const char *fmt, ...); diff --git a/src/cmd/flux-keygen.c b/src/cmd/flux-keygen.c index 55b8106b3aa9..62cccebd6938 100644 --- a/src/cmd/flux-keygen.c +++ b/src/cmd/flux-keygen.c @@ -51,7 +51,7 @@ void usage (void) int main (int argc, char *argv[]) { int ch; - flux_sec_t sec; + flux_sec_t *sec; bool force = false; bool plain = false; const char *secdir = getenv ("FLUX_SEC_DIRECTORY"); diff --git a/src/cmd/flux-snoop.c b/src/cmd/flux-snoop.c index e86bb89d3d47..029f2bf19ca6 100644 --- a/src/cmd/flux-snoop.c +++ b/src/cmd/flux-snoop.c @@ -63,7 +63,7 @@ void usage (void) exit (1); } -static void *connect_snoop (zctx_t *zctx, flux_sec_t sec, const char *uri); +static void *connect_snoop (zctx_t *zctx, flux_sec_t *sec, const char *uri); static int snoop_cb (zloop_t *zloop, zmq_pollitem_t *item, void *arg); static int zmon_cb (zloop_t *zloop, zmq_pollitem_t *item, void *arg); @@ -85,7 +85,7 @@ int main (int argc, char *argv[]) void *s; zloop_t *zloop; zmq_pollitem_t zp; - flux_sec_t sec; + flux_sec_t *sec; const char *secdir; log_init ("flux-snoop"); @@ -201,7 +201,7 @@ int main (int argc, char *argv[]) return 0; } -static void *connect_snoop (zctx_t *zctx, flux_sec_t sec, const char *uri) +static void *connect_snoop (zctx_t *zctx, flux_sec_t *sec, const char *uri) { void *s; diff --git a/src/common/libflux/security.c b/src/common/libflux/security.c index 46789591d1c0..120cacd9e8ce 100644 --- a/src/common/libflux/security.c +++ b/src/common/libflux/security.c @@ -156,32 +156,32 @@ struct flux_sec_struct { pthread_mutex_t lock; }; -static int checksecdirs (flux_sec_t c, bool create); -static zcert_t *getcurve (flux_sec_t c, const char *role); -static int gencurve (flux_sec_t c, const char *role, bool force, bool verbose); -static char *getpasswd (flux_sec_t c, const char *user); -static int genpasswd (flux_sec_t c, const char *user, bool force, bool verbose); +static int checksecdirs (flux_sec_t *c, bool create); +static zcert_t *getcurve (flux_sec_t *c, const char *role); +static int gencurve (flux_sec_t *c, const char *role, bool force, bool verbose); +static char *getpasswd (flux_sec_t *c, const char *user); +static int genpasswd (flux_sec_t *c, const char *user, bool force, bool verbose); -static void lock_sec (flux_sec_t c) +static void lock_sec (flux_sec_t *c) { int e = pthread_mutex_lock (&c->lock); if (e) log_errn_exit (e, "pthread_mutex_lock"); } -static void unlock_sec (flux_sec_t c) +static void unlock_sec (flux_sec_t *c) { int e = pthread_mutex_unlock (&c->lock); if (e) log_errn_exit (e, "pthread_mutex_unlock"); } -const char *flux_sec_errstr (flux_sec_t c) +const char *flux_sec_errstr (flux_sec_t *c) { return (c->errstr ? c->errstr : "Success"); } -const char *flux_sec_confstr (flux_sec_t c) +const char *flux_sec_confstr (flux_sec_t *c) { lock_sec (c); if (c->confstr) @@ -195,7 +195,7 @@ const char *flux_sec_confstr (flux_sec_t c) return c->confstr; } -static void seterrstr (flux_sec_t c, const char *fmt, ...) +static void seterrstr (flux_sec_t *c, const char *fmt, ...) { va_list ap; @@ -209,7 +209,7 @@ static void seterrstr (flux_sec_t c, const char *fmt, ...) va_end (ap); } -void flux_sec_destroy (flux_sec_t c) +void flux_sec_destroy (flux_sec_t *c) { if (c->domain) free (c->domain); @@ -235,9 +235,9 @@ void flux_sec_destroy (flux_sec_t c) free (c); } -flux_sec_t flux_sec_create (void) +flux_sec_t *flux_sec_create (void) { - flux_sec_t c = xzmalloc (sizeof (*c)); + flux_sec_t *c = xzmalloc (sizeof (*c)); int e; if ((e = pthread_mutex_init (&c->lock, NULL))) @@ -260,19 +260,19 @@ static int validate_type (int tm) return -1; } -void flux_sec_set_directory (flux_sec_t c, const char *confdir) +void flux_sec_set_directory (flux_sec_t *c, const char *confdir) { if (c->conf_dir) free (c->conf_dir); c->conf_dir = xstrdup (confdir); } -const char *flux_sec_get_directory (flux_sec_t c) +const char *flux_sec_get_directory (flux_sec_t *c) { return c->conf_dir; } -int flux_sec_disable (flux_sec_t c, int tm) +int flux_sec_disable (flux_sec_t *c, int tm) { int rc; lock_sec (c); @@ -282,7 +282,7 @@ int flux_sec_disable (flux_sec_t c, int tm) return rc; } -int flux_sec_enable (flux_sec_t c, int tm) +int flux_sec_enable (flux_sec_t *c, int tm) { int rc; lock_sec (c); @@ -296,7 +296,7 @@ int flux_sec_enable (flux_sec_t c, int tm) return rc; } -bool flux_sec_type_enabled (flux_sec_t c, int tm) +bool flux_sec_type_enabled (flux_sec_t *c, int tm) { bool ret; lock_sec (c); @@ -305,7 +305,7 @@ bool flux_sec_type_enabled (flux_sec_t c, int tm) return ret; } -int flux_sec_keygen (flux_sec_t c, bool force, bool verbose) +int flux_sec_keygen (flux_sec_t *c, bool force, bool verbose) { int rc = -1; lock_sec (c); @@ -327,7 +327,7 @@ int flux_sec_keygen (flux_sec_t c, bool force, bool verbose) return rc; } -int flux_sec_zauth_init (flux_sec_t c, zctx_t *zctx, const char *domain) +int flux_sec_zauth_init (flux_sec_t *c, zctx_t *zctx, const char *domain) { int rc = -1; lock_sec (c); @@ -356,7 +356,7 @@ int flux_sec_zauth_init (flux_sec_t c, zctx_t *zctx, const char *domain) return rc; } -int flux_sec_munge_init (flux_sec_t c) +int flux_sec_munge_init (flux_sec_t *c) { int rc = -1; lock_sec (c); @@ -377,7 +377,7 @@ int flux_sec_munge_init (flux_sec_t c) return rc; } -int flux_sec_csockinit (flux_sec_t c, void *sock) +int flux_sec_csockinit (flux_sec_t *c, void *sock) { int rc = -1; lock_sec (c); @@ -402,7 +402,7 @@ int flux_sec_csockinit (flux_sec_t c, void *sock) return rc; } -int flux_sec_ssockinit (flux_sec_t c, void *sock) +int flux_sec_ssockinit (flux_sec_t *c, void *sock) { lock_sec (c); if ((c->typemask & (FLUX_SEC_TYPE_CURVE))) { @@ -416,7 +416,7 @@ int flux_sec_ssockinit (flux_sec_t c, void *sock) return 0; } -static int checksecdir (flux_sec_t c, const char *path, bool create) +static int checksecdir (flux_sec_t *c, const char *path, bool create) { struct stat sb; int rc = -1; @@ -457,7 +457,7 @@ static int checksecdir (flux_sec_t c, const char *path, bool create) return rc; } -static int checksecdirs (flux_sec_t c, bool create) +static int checksecdirs (flux_sec_t *c, bool create) { /* XXX c->lock held */ @@ -495,7 +495,7 @@ static char * ctime_iso8601_now (char *buf, size_t sz) return (buf); } -static zcert_t *zcert_curve_new (flux_sec_t c) +static zcert_t *zcert_curve_new (flux_sec_t *c) { zcert_t *new; char sec[41]; @@ -524,7 +524,7 @@ static zcert_t *zcert_curve_new (flux_sec_t c) return new; } -static int gencurve (flux_sec_t c, const char *role, bool force, bool verbose) +static int gencurve (flux_sec_t *c, const char *role, bool force, bool verbose) { char *path = NULL, *priv = NULL;; zcert_t *cert = NULL; @@ -577,7 +577,7 @@ static int gencurve (flux_sec_t c, const char *role, bool force, bool verbose) return rc; } -static zcert_t *getcurve (flux_sec_t c, const char *role) +static zcert_t *getcurve (flux_sec_t *c, const char *role) { char *path = NULL;; zcert_t *cert = NULL; @@ -592,7 +592,7 @@ static zcert_t *getcurve (flux_sec_t c, const char *role) return cert; } -static char *getpasswd (flux_sec_t c, const char *user) +static char *getpasswd (flux_sec_t *c, const char *user) { zhash_t *passwds; char *passwd = NULL; @@ -613,7 +613,7 @@ static char *getpasswd (flux_sec_t c, const char *user) return passwd; } -static int genpasswd (flux_sec_t c, const char *user, bool force, bool verbose) +static int genpasswd (flux_sec_t *c, const char *user, bool force, bool verbose) { struct stat sb; zhash_t *passwds = NULL; @@ -653,7 +653,7 @@ static int genpasswd (flux_sec_t c, const char *user, bool force, bool verbose) return rc; } -int flux_sec_munge_zmsg (flux_sec_t c, zmsg_t **zmsg) +int flux_sec_munge_zmsg (flux_sec_t *c, zmsg_t **zmsg) { char *buf = NULL, *cr = NULL; munge_err_t e; @@ -696,7 +696,7 @@ int flux_sec_munge_zmsg (flux_sec_t c, zmsg_t **zmsg) return rc; } -int flux_sec_unmunge_zmsg (flux_sec_t c, zmsg_t **zmsg) +int flux_sec_unmunge_zmsg (flux_sec_t *c, zmsg_t **zmsg) { char *cr = NULL, *buf = NULL; int len; diff --git a/src/common/libflux/security.h b/src/common/libflux/security.h index 44a36b591c9e..c068250c2bf4 100644 --- a/src/common/libflux/security.h +++ b/src/common/libflux/security.h @@ -6,7 +6,7 @@ #define DEFAULT_ZAP_DOMAIN "flux" -typedef struct flux_sec_struct *flux_sec_t; +typedef struct flux_sec_struct flux_sec_t; struct _zctx_t; @@ -21,34 +21,34 @@ enum { /* Create a security context. * The default mode depends on compilation options. */ -flux_sec_t flux_sec_create (void); -void flux_sec_destroy (flux_sec_t c); +flux_sec_t *flux_sec_create (void); +void flux_sec_destroy (flux_sec_t *c); /* Enable/disable/test security modes. */ -int flux_sec_enable (flux_sec_t c, int type); -int flux_sec_disable (flux_sec_t c, int type); +int flux_sec_enable (flux_sec_t *c, int type); +int flux_sec_disable (flux_sec_t *c, int type); /* Get/set config directory used by security context. */ -void flux_sec_set_directory (flux_sec_t c, const char *confdir); -const char *flux_sec_get_directory (flux_sec_t c); +void flux_sec_set_directory (flux_sec_t *c, const char *confdir); +const char *flux_sec_get_directory (flux_sec_t *c); /* Generate key material for configured security modes, if applicable. */ -int flux_sec_keygen (flux_sec_t c, bool force, bool verbose); +int flux_sec_keygen (flux_sec_t *c, bool force, bool verbose); /* Initialize ZAUTH (PLAIN or CURVE) and MUNGE security. * Calling these when relevant security modes are disabled is a no-op. */ -int flux_sec_zauth_init (flux_sec_t c, struct _zctx_t *zctx, const char *domain); -int flux_sec_munge_init (flux_sec_t c); +int flux_sec_zauth_init (flux_sec_t *c, struct _zctx_t *zctx, const char *domain); +int flux_sec_munge_init (flux_sec_t *c); /* Enable client or server mode ZAUTH security on a zmq socket. * Calling these when relevant security modes are disabled is a no-op. */ -int flux_sec_csockinit (flux_sec_t c, void *sock); -int flux_sec_ssockinit (flux_sec_t c, void *sock); +int flux_sec_csockinit (flux_sec_t *c, void *sock); +int flux_sec_ssockinit (flux_sec_t *c, void *sock); /* Munge/unmunge a msg. The munged message is a single part * containing a munge credential, with the original message encoded @@ -56,19 +56,19 @@ int flux_sec_ssockinit (flux_sec_t c, void *sock); * Be aware that SUB subscriptions will no longer match the message's * encoded topic string (you should subscribe to all). */ -int flux_sec_munge_zmsg (flux_sec_t c, flux_msg_t **msg); -int flux_sec_unmunge_zmsg (flux_sec_t c, flux_msg_t **msg); +int flux_sec_munge_zmsg (flux_sec_t *c, flux_msg_t **msg); +int flux_sec_unmunge_zmsg (flux_sec_t *c, flux_msg_t **msg); /* Retrieve a string describing the last error. * This value is valid after one of the above calls returns -1. * The caller should not free this string. */ -const char *flux_sec_errstr (flux_sec_t c); +const char *flux_sec_errstr (flux_sec_t *c); /* Retrieve a string describing the security modes selected. * The caller should not free this string. */ -const char *flux_sec_confstr (flux_sec_t c); +const char *flux_sec_confstr (flux_sec_t *c); #endif /* _FLUX_CORE_SECURITY_H */ diff --git a/src/test/tmunge.c b/src/test/tmunge.c index 2ab424bb1a61..863266257a5b 100644 --- a/src/test/tmunge.c +++ b/src/test/tmunge.c @@ -58,7 +58,7 @@ static void *cs; void *thread (void *arg) { zmsg_t *zmsg; - flux_sec_t sec; + flux_sec_t *sec; int i; if (!(sec = flux_sec_create ())) @@ -94,7 +94,7 @@ int main (int argc, char *argv[]) pthread_t tid; pthread_attr_t attr; zmsg_t *zmsg; - flux_sec_t sec; + flux_sec_t *sec; int n; zctx_t *zctx;