[WIP] Implement support for multiple realms #132

Open · wants to merge 4 commits into base: master
17 changes: 9 additions & 8 deletions QUICKSTART
Expand Up @@ -14,14 +14,14 @@ MUNGE Installation Guide

Since authentication is based on UID and GID, users authenticating
with MUNGE need to have consistent UID/GID mappings across all nodes
within the security realm. Since the "munge" user is a system account,
its UID and GID do not need to be kept in sync across nodes.
within the security domain. Since the "munge" user is a system
account, its UID and GID do not need to be kept in sync across nodes.

C. Keep system clocks in sync

MUNGE credentials are valid for a limited time defined by their embedded
time-to-live value (5 minutes by default). The fastest and slowest
system clocks across all nodes within the security realm should be
system clocks across all nodes within the security domain should be
within this time interval.

2. Software dependencies
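Review bot: the rename from "security realm" to "security domain" in this hunk (and the rest of QUICKSTART) leaves the reader with no definition of the new term, while the user-facing option this PR adds is still called `--realm`. Add one sentence here stating how a realm relates to a domain (is a domain a set of realms that share a key, or the other way round?) so the installation guide and the CLI vocabulary agree.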
Expand Down Expand Up @@ -237,9 +237,10 @@ MUNGE Installation Guide

A. Creating a key

All munged daemons within a security realm share a common key. This key
is used to cryptographically protect the credential. Consequently,
credentials are only valid within a given security realm.
All munged daemons within a security domain share a common key. This
key is used to cryptographically protect the credential.
Consequently, credentials are only valid within a given security
domain.

The "mungekey" executable is the key management utility. To ensure the
key file maintains the correct ownership and permissions, it should
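Review bot: "All munged daemons within a security domain share a common key" does not say whether a key is scoped per domain or per realm, and that is the security-relevant question for this feature: if every realm in a domain shares one key, a credential encoded for one realm is cryptographically valid in every other realm and the realm field is only advisory. State the scoping here and, if keys are per realm, say how a munged daemon is told which realm(s) it serves.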
Expand All @@ -252,7 +253,7 @@ MUNGE Installation Guide
be owned by the same user ID that will run the munged daemon process,
and its permissions should be set to 0600. Additionally, this key
file will need to be securely propagated (e.g., via ssh) to all hosts
within the security realm.
within the security domain.

B. Setting command-line options

Expand Down Expand Up @@ -460,7 +461,7 @@ MUNGE Installation Guide

A key has not been created. See mungekey(8). Note that this
file will need to be securely propagated to all hosts within the
security realm.
security domain.

9. munged: Error: Found pid 1234 bound to socket
"/run/munge/munge.socket.2"
8 changes: 4 additions & 4 deletions README
Expand Up @@ -5,7 +5,7 @@ INTRODUCTION
scalable for use in an HPC cluster environment. It provides a portable
API for encoding the user's identity into a tamper-proof credential
that can be obtained by an untrusted client and forwarded by untrusted
intermediaries within a security realm. Clients within this realm can
intermediaries within a security domain. Clients within this domain can
create and validate credentials without the use of root privileges,
reserved ports, or platform-specific methods.

Expand Down Expand Up @@ -38,7 +38,7 @@ USAGE
MUNGE service, either via the munge_encode() C library call or the
munge executable. The encoded credential contains the UID and GID of
the originating process. This process sends the credential to another
process within the security realm as a means of proving its identity.
process within the security domain as a means of proving its identity.
The receiving process validates the credential with the use of its local
MUNGE service, either via the munge_decode() C library call or the unmunge
executable. The decoded credential provides the receiving process with a
Expand All @@ -49,10 +49,10 @@ USAGE
DETAILS

The contents of the credential (including any optional payload data) are
encrypted with a key shared by all munged daemons within the security realm.
encrypted with a key shared by all munged daemons within the security domain.
The integrity of the credential is ensured by a message authentication
code (MAC). The credential is valid for a limited time defined by its
time-to-live (TTL); this presumes clocks within a security realm are
time-to-live (TTL); this presumes clocks within a security domain are
in sync. Unexpired credentials are tracked by the local munged daemon in
order to prevent replay attacks on a given host. Decoding of a credential
can be restricted to a particular user and/or group ID. The payload data
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -9,7 +9,7 @@ and validating user credentials. It is designed to be highly scalable for
use in an HPC cluster environment. It provides a portable API for encoding
the user's identity into a tamper-proof credential that can be obtained by an
untrusted client and forwarded by untrusted intermediaries within a security
realm. Clients within this realm can create and validate credentials without
domain. Clients within this domain can create and validate credentials without
the use of root privileges, reserved ports, or platform-specific methods.

- [Overview](../../wiki/Man-7-munge)
2 changes: 1 addition & 1 deletion munge.spec.in
Expand Up @@ -40,7 +40,7 @@ and validating user credentials. It is designed to be highly scalable for
use in an HPC cluster environment. It provides a portable API for encoding
the user's identity into a tamper-proof credential that can be obtained by an
untrusted client and forwarded by untrusted intermediaries within a security
realm. Clients within this realm can create and validate credentials without
domain. Clients within this domain can create and validate credentials without
the use of root privileges, reserved ports, or platform-specific methods.

%package devel
2 changes: 1 addition & 1 deletion src/libmunge/munge_ctx.3.in
Expand Up @@ -102,7 +102,7 @@ Get or set the compression type (see \fBCOMPRESSION TYPES\fR).
\fBMUNGE_OPT_REALM\fR , \fIchar *\fR
Get or set the security realm, where the \fIchar *\fR type is a NUL-terminated
character string. The string returned by \fBmunge_ctx_get\fR() should not
be freed or modified by the caller. \fBNOT CURRENTLY SUPPORTED\fR.
be freed or modified by the caller.
.TP
\fBMUNGE_OPT_TTL\fR , \fIint\fR
Get or set the time-to-live (in seconds) (see \fBTTL TYPES\fR). This value
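Review bot: dropping `\fBNOT CURRENTLY SUPPORTED\fR` from the MUNGE_OPT_REALM entry is premature for this PR: the files in the diff are documentation, munge.c and unmunge.c only, with no change under libmunge or munged that would make the library act on the option. Either keep the marker until the encode/decode handling lands, or extend the entry to say what the realm actually affects (whether it is embedded in the credential at encode time, and what munge_decode() does when the credential's realm differs from the decoder's).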
14 changes: 14 additions & 0 deletions src/munge/munge.c
Expand Up @@ -77,6 +77,7 @@ struct option long_opts[] = {
{ "gid", required_argument, NULL, 'G' },
{ "ttl", required_argument, NULL, 't' },
{ "socket", required_argument, NULL, 'S' },
{ "realm", required_argument, NULL, 'R' },
{ NULL, 0, NULL, 0 }
};
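Review bot: the new `{ "realm", required_argument, NULL, 'R' }` entry only covers the long form; the short-option string passed to getopt_long() is not in this diff, so `-R REALM` (which the help text in a later hunk advertises) will be rejected unless `R:` was added to that string as well. Please include that change in the PR or confirm it is already present.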

Expand Down Expand Up @@ -391,6 +392,15 @@ parse_cmdline (conf_t conf, int argc, char **argv)
munge_ctx_strerror (conf->ctx));
}
break;
case 'R':
e = munge_ctx_set (conf->ctx, MUNGE_OPT_REALM, optarg);
if (e != EMUNGE_SUCCESS) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Failed to set realm: %s",
munge_ctx_strerror (conf->ctx));
}
break;

case '?':
if (optopt > 0) {
log_err (EMUNGE_SNAFU, LOG_ERR,
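Review bot: `case 'R'` passes `optarg` straight to munge_ctx_set() with no check for an empty string, so `--realm=` silently sets a zero-length realm; the other option cases in parse_cmdline() that take strings or numbers validate before setting, and this one should at least reject `*optarg == '\0'` with a log_err like the one used for a failed set. Minor: the blank line after `break;` and before `case '?':` was not there before this change, so drop it to match the surrounding cases.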
Expand Down Expand Up @@ -517,6 +527,10 @@ display_help (char *prog)
printf (" %*s %s\n", w, "-S, --socket=PATH",
"Specify local socket for munged");

printf (" %*s %s\n", w, "-R, --realm=REALM",
"Specify security realm");


printf ("\n");
printf ("By default, payload read from stdin, "
"credential written to stdout.\n\n");
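Review bot: there are two blank lines between the `-R, --realm=REALM` printf and `printf ("\n");`, while the other options in display_help() are separated by one; remove the extra one. Consider also phrasing the description as "Specify security realm for the credential" so that it is clear the option applies to the credential being encoded rather than to the local munged.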
27 changes: 24 additions & 3 deletions src/munge/unmunge.c
Expand Up @@ -105,6 +105,7 @@ void display_gid (conf_t conf);
void display_uid_restriction (conf_t conf);
void display_gid_restriction (conf_t conf);
void display_length (conf_t conf);
void display_realm (conf_t conf);
void display_data (conf_t conf);
int key_str_to_val (const char *str);
const char * key_val_to_str (int val);
Expand All @@ -128,6 +129,7 @@ typedef enum {
MUNGE_KEY_UID_RESTRICTION,
MUNGE_KEY_GID_RESTRICTION,
MUNGE_KEY_LENGTH,
MUNGE_KEY_REALM,
MUNGE_KEY_LAST
} munge_key_t;

Expand All @@ -145,6 +147,7 @@ display_key_t munge_keys[] = {
{ MUNGE_KEY_UID_RESTRICTION, "UID_RESTRICTION", display_uid_restriction },
{ MUNGE_KEY_GID_RESTRICTION, "GID_RESTRICTION", display_gid_restriction },
{ MUNGE_KEY_LENGTH, "LENGTH", display_length },
{ MUNGE_KEY_REALM , "REALM", display_realm },
{ MUNGE_KEY_LAST, NULL, NULL }
};
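Review bot: stray space before the comma in `{ MUNGE_KEY_REALM , "REALM", display_realm },`; the other rows in munge_keys[] have none.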

Expand Down Expand Up @@ -194,6 +197,7 @@ struct conf {
char key[ MUNGE_KEY_LAST ]; /* key flag array (true if enabled) */
int key_width; /* num chars reserved for key field */
unsigned got_numeric:1; /* flag for NUMERIC option */
unsigned got_keys:1; /* flag for KEYS option */
};


Expand Down Expand Up @@ -280,6 +284,7 @@ create_conf (void)
}
conf->key_width = maxlen + 1; /* separate longest key by one space */
conf->got_numeric = 0;
conf->got_keys = 0;

return (conf);
}
Expand Down Expand Up @@ -337,7 +342,6 @@ destroy_conf (conf_t conf)
void
parse_cmdline (conf_t conf, int argc, char **argv)
{
int got_keys = 0;
char *prog;
int c;
munge_err_t e;
Expand Down Expand Up @@ -382,7 +386,7 @@ parse_cmdline (conf_t conf, int argc, char **argv)
conf->fn_out = optarg;
break;
case 'k':
got_keys = 1;
conf->got_keys = 1;
parse_keys (conf, optarg);
break;
case 'K':
Expand Down Expand Up @@ -448,7 +452,7 @@ parse_cmdline (conf_t conf, int argc, char **argv)
}
/* Enable all metadata keys if a subset was not specified.
*/
if (!got_keys) {
if (!conf->got_keys) {
for (i = 0; i < MUNGE_KEY_LAST; i++) {
conf->key[i] = 1;
}
Expand Down Expand Up @@ -1035,6 +1039,23 @@ display_length (conf_t conf)
return;
}

void
display_realm (conf_t conf)
{
const char *key, *s;
int num_spaces;
munge_err_t err;

assert (conf != NULL);

key = key_val_to_str (MUNGE_KEY_REALM);
num_spaces = conf->key_width - strlen (key);
err = munge_ctx_get (conf->ctx, MUNGE_OPT_REALM, &s);
if (s || conf->got_keys)
fprintf (conf->fp_meta, "%s:%*c%s\n", key, num_spaces, 0x20, s);
return;
}


void
display_data (conf_t conf)
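Review bot: in display_realm(), `s` is never initialized and `err` is assigned but never checked, so if munge_ctx_get() fails the test `if (s || conf->got_keys)` reads an indeterminate pointer, and when the user passes `-k REALM` for a credential that carries no realm, `s` is NULL and reaches the `%s` in fprintf(), which is undefined behaviour. Suggest `const char *s = NULL;`, return early with a log message when `err != EMUNGE_SUCCESS`, and print the field only when `s != NULL` (or print an explicit empty value when conf->got_keys is set). Also wrap the single-statement `if` body in braces, as the munge.c hunk and the other display_* functions do.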