nfs-ganesha: Svc_auth_unix.c Source File

nfs-ganesha 1.4
00001 /* @(#)svc_auth_unix.c  2.3 88/08/01 4.0 RPCSRC; from 1.28 88/02/08 SMI */
00002 /*
00003  * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
00004  * unrestricted use provided that this legend is included on all tape
00005  * media and as a part of the software program in whole or part.  Users
00006  * may copy or modify Sun RPC without charge, but are not authorized
00007  * to license or distribute it to anyone else except as part of a product or
00008  * program developed by the user.
00009  * 
00010  * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
00011  * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
00012  * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
00013  * 
00014  * Sun RPC is provided with no support and without any obligation on the
00015  * part of Sun Microsystems, Inc. to assist in its use, correction,
00016  * modification or enhancement.
00017  * 
00018  * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
00019  * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
00020  * OR ANY PART THEREOF.
00021  * 
00022  * In no event will Sun Microsystems, Inc. be liable for any lost revenue
00023  * or profits or other special, indirect and consequential damages, even if
00024  * Sun has been advised of the possibility of such damages.
00025  * 
00026  * Sun Microsystems, Inc.
00027  * 2550 Garcia Avenue
00028  * Mountain View, California  94043
00029  */
00030 #ifdef HAVE_CONFIG_H
00031 #include "config.h"
00032 #endif
00033 
00034 #ifdef _SOLARIS
00035 #include "solaris_port.h"
00036 #endif
00037 
00038 #include "log.h"
00039 
00040 /*
00041  * svc_auth_unix.c
00042  * Handles UNIX flavor authentication parameters on the service side of rpc.
00043  * There are two svc auth implementations here: AUTH_UNIX and AUTH_SHORT.
00044  * _svcauth_unix does full blown unix style uid,gid+gids auth,
00045  * _svcauth_short uses a shorthand auth to index into a cache of longhand auths.
00046  * Note: the shorthand has been gutted for efficiency.
00047  *
00048  * Copyright (C) 1984, Sun Microsystems, Inc.
00049  */
00050 
00051 #include <stdio.h>
00052 #include <string.h>
00053 #include "rpcal.h"
00054 
00055 extern SVCAUTH Svc_auth_none;
00056 
00057 /*
00058  * Unix longhand authenticator
00059  */
00060 enum auth_stat
00061 Gssrpc__svcauth_unix(register struct svc_req *rqst,
00062                      register struct rpc_msg *msg, bool_t * dispatch)
00063 {
00064   register enum auth_stat stat;
00065   XDR xdrs;
00066   register struct authunix_parms *aup;
00067   register rpc_inline_t *buf;
00068   struct area
00069   {
00070     struct authunix_parms area_aup;
00071     char area_machname[MAX_MACHINE_NAME + 1];
00072     int area_gids[NGRPS];
00073   } *area;
00074   u_int auth_len;
00075   int str_len, gid_len;
00076   register int i;
00077 
00078   rqst->rq_xprt->xp_auth = &Svc_auth_none;
00079 
00080   area = (struct area *)rqst->rq_clntcred;
00081   aup = &area->area_aup;
00082   aup->aup_machname = area->area_machname;
00083   aup->aup_gids = area->area_gids;
00084   auth_len = (u_int) msg->rm_call.cb_cred.oa_length;
00085   xdrmem_create(&xdrs, msg->rm_call.cb_cred.oa_base, auth_len, XDR_DECODE);
00086   buf = XDR_INLINE(&xdrs, (int)auth_len);
00087   if(buf != NULL)
00088     {
00089       aup->aup_time = IXDR_GET_LONG(buf);
00090       str_len = IXDR_GET_U_LONG(buf);
00091       if(str_len > MAX_MACHINE_NAME)
00092         {
00093           stat = AUTH_BADCRED;
00094           goto done;
00095         }
00096       memmove(aup->aup_machname, (caddr_t) buf, (u_int) str_len);
00097       aup->aup_machname[str_len] = 0;
00098       str_len = RNDUP(str_len);
00099       buf += str_len / BYTES_PER_XDR_UNIT;
00100       aup->aup_uid = IXDR_GET_LONG(buf);
00101       aup->aup_gid = IXDR_GET_LONG(buf);
00102       gid_len = IXDR_GET_U_LONG(buf);
00103       if(gid_len > NGRPS)
00104         {
00105           stat = AUTH_BADCRED;
00106           goto done;
00107         }
00108       aup->aup_len = gid_len;
00109       for(i = 0; i < gid_len; i++)
00110         {
00111           aup->aup_gids[i] = IXDR_GET_LONG(buf);
00112         }
00113       /*
00114        * five is the smallest unix credentials structure -
00115        * timestamp, hostname len (0), uid, gid, and gids len (0).
00116        */
00117       if((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > (int)auth_len)
00118         {
00119           LogCrit(COMPONENT_DISPATCH, "bad auth_len gid %d str %d auth %d",
00120                   gid_len, str_len, auth_len);
00121           stat = AUTH_BADCRED;
00122           goto done;
00123         }
00124     }
00125   else if(!xdr_authunix_parms(&xdrs, aup))
00126     {
00127       xdrs.x_op = XDR_FREE;
00128       (void)xdr_authunix_parms(&xdrs, aup);
00129       stat = AUTH_BADCRED;
00130       goto done;
00131     }
00132   rqst->rq_xprt->xp_verf.oa_flavor = AUTH_NULL;
00133   rqst->rq_xprt->xp_verf.oa_length = 0;
00134   stat = AUTH_OK;
00135  done:
00136   XDR_DESTROY(&xdrs);
00137   return (stat);
00138 }
00139 
00140 /*
00141  * Shorthand unix authenticator
00142  * Looks up longhand in a cache.
00143  */
00144  /*ARGSUSED*/
00145     enum auth_stat
00146 Gssrpc__svcauth_short(struct svc_req *rqst, struct rpc_msg *msg, bool_t * dispatch)
00147 {
00148   rqst->rq_xprt->xp_auth = &Svc_auth_none;
00149   return (AUTH_REJECTEDCRED);
00150 }