
glibc  2.9
auth.h File Reference
#include <features.h>
#include <rpc/xdr.h>

Classes

union  des_block
struct  opaque_auth
struct  AUTH
struct  AUTH::auth_ops
struct  des_block.key

Defines

/* Size limits.  MAX_AUTH_BYTES is the bound that xdr_opaque_auth (listed
   further down this page) passes to xdr_bytes for an opaque_auth body.  */
#define MAX_AUTH_BYTES   400
#define MAXNETNAMELEN   255 /* maximum length of network user's name */
/* Dispatch macros: each one calls through the function-pointer table
   auth->ah_ops.  `auth' appears twice in every expansion, so an argument
   with side effects is evaluated twice, and neither auth nor ah_ops is
   checked for NULL before the indirect call.  The upper- and lower-case
   spellings expand to the same text.  */
#define AUTH_NEXTVERF(auth)   ((*((auth)->ah_ops->ah_nextverf))(auth))
#define auth_nextverf(auth)   ((*((auth)->ah_ops->ah_nextverf))(auth))
#define AUTH_MARSHALL(auth, xdrs)   ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
#define auth_marshall(auth, xdrs)   ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
#define AUTH_VALIDATE(auth, verfp)   ((*((auth)->ah_ops->ah_validate))((auth), verfp))
#define auth_validate(auth, verfp)   ((*((auth)->ah_ops->ah_validate))((auth), verfp))
#define AUTH_REFRESH(auth)   ((*((auth)->ah_ops->ah_refresh))(auth))
#define auth_refresh(auth)   ((*((auth)->ah_ops->ah_refresh))(auth))
#define AUTH_DESTROY(auth)   ((*((auth)->ah_ops->ah_destroy))(auth))
#define auth_destroy(auth)   ((*((auth)->ah_ops->ah_destroy))(auth))
/* Authentication flavor numbers; AUTH_NULL, AUTH_UNIX and AUTH_DH are
   aliases for AUTH_NONE, AUTH_SYS and AUTH_DES respectively.
   NOTE(review): AUTH_NONE carries no authentication, and AUTH_SYS conveys
   a uid and gid list; nothing in this header shows a peer being able to
   verify those values, so presumably they are caller-asserted -- confirm
   before relying on them for access control.  */
#define AUTH_NONE   0 /* no authentication */
#define AUTH_NULL   0 /* backward compatibility */
#define AUTH_SYS   1 /* unix style (uid, gids) */
#define AUTH_UNIX   AUTH_SYS
#define AUTH_SHORT   2 /* short hand unix style */
#define AUTH_DES   3 /* des style (encrypted timestamps) */
#define AUTH_DH   AUTH_DES /* Diffie-Hellman (this is DES) */
#define AUTH_KERB   4 /* kerberos style */

Typedefs

typedef union des_block
typedef struct AUTH

Enumerations

enum  auth_stat {
  AUTH_OK = 0, AUTH_BADCRED = 1, AUTH_REJECTEDCRED = 2, AUTH_BADVERF = 3,
  AUTH_REJECTEDVERF = 4, AUTH_TOOWEAK = 5, AUTH_INVALIDRESP = 6, AUTH_FAILED = 7
}

Functions

bool_t xdr_des_block (XDR *__xdrs, des_block *__blkp) __THROW
AUTH * authunix_create (char *__machname, __uid_t __uid, __gid_t __gid, int __len, __gid_t *__aup_gids)
AUTH * authunix_create_default (void)
AUTH * authnone_create (void) __THROW
AUTH * authdes_create (const char *__servername, u_int __window, struct sockaddr *__syncaddr, des_block *__ckey) __THROW
AUTH * authdes_pk_create (const char *, netobj *, u_int, struct sockaddr *, des_block *) __THROW
int getnetname (char *) __THROW
int host2netname (char *, __const char *, __const char *) __THROW
int user2netname (char *, __const uid_t, __const char *) __THROW
int netname2user (__const char *, uid_t *, gid_t *, int *, gid_t *) __THROW
int netname2host (__const char *, char *, __const int) __THROW
int key_decryptsession (char *, des_block *)
int key_decryptsession_pk (char *, netobj *, des_block *)
int key_encryptsession (char *, des_block *)
int key_encryptsession_pk (char *, netobj *, des_block *)
int key_gendes (des_block *)
int key_setsecret (char *)
int key_secretkey_is_set (void)
int key_get_conv (char *, des_block *)
bool_t xdr_opaque_auth (XDR *, struct opaque_auth *) __THROW

Class Documentation

union des_block

Definition at line 72 of file auth.h.

Class Members
char c
struct des_block key
struct opaque_auth

Definition at line 85 of file auth.h.

Class Members
caddr_t oa_base
enum_t oa_flavor
u_int oa_length
struct AUTH

Definition at line 95 of file auth.h.

Class Members
struct auth_ops * ah_ops
caddr_t ah_private
struct des_block.key

Definition at line 73 of file auth.h.

Class Members
u_int32_t high
u_int32_t low

Define Documentation

#define AUTH_DES   3 /* des style (encrypted timestamps) */

Definition at line 177 of file auth.h.

#define AUTH_DESTROY (   auth)    ((*((auth)->ah_ops->ah_destroy))(auth))

Definition at line 139 of file auth.h.

#define auth_destroy (   auth)    ((*((auth)->ah_ops->ah_destroy))(auth))

Definition at line 141 of file auth.h.

#define AUTH_DH   AUTH_DES /* Diffie-Hellman (this is DES) */

Definition at line 178 of file auth.h.

#define AUTH_KERB   4 /* kerberos style */

Definition at line 179 of file auth.h.

#define AUTH_MARSHALL (   auth,
  xdrs 
)    ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))

Definition at line 124 of file auth.h.

#define auth_marshall (   auth,
  xdrs 
)    ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))

Definition at line 126 of file auth.h.

#define AUTH_NEXTVERF (   auth)    ((*((auth)->ah_ops->ah_nextverf))(auth))

Definition at line 119 of file auth.h.

#define auth_nextverf (   auth)    ((*((auth)->ah_ops->ah_nextverf))(auth))

Definition at line 121 of file auth.h.

#define AUTH_NONE   0 /* no authentication */

Definition at line 172 of file auth.h.

#define AUTH_NULL   0 /* backward compatibility */

Definition at line 173 of file auth.h.

#define AUTH_REFRESH (   auth)    ((*((auth)->ah_ops->ah_refresh))(auth))

Definition at line 134 of file auth.h.

#define auth_refresh (   auth)    ((*((auth)->ah_ops->ah_refresh))(auth))

Definition at line 136 of file auth.h.

#define AUTH_SHORT   2 /* short hand unix style */

Definition at line 176 of file auth.h.

#define AUTH_SYS   1 /* unix style (uid, gids) */

Definition at line 174 of file auth.h.

#define AUTH_UNIX   AUTH_SYS

Definition at line 175 of file auth.h.

#define AUTH_VALIDATE (   auth,
  verfp 
)    ((*((auth)->ah_ops->ah_validate))((auth), verfp))

Definition at line 129 of file auth.h.

#define auth_validate (   auth,
  verfp 
)    ((*((auth)->ah_ops->ah_validate))((auth), verfp))

Definition at line 131 of file auth.h.

#define MAX_AUTH_BYTES   400

Definition at line 49 of file auth.h.

#define MAXNETNAMELEN   255 /* maximum length of network user's name */

Definition at line 50 of file auth.h.


Typedef Documentation

typedef struct AUTH

Definition at line 94 of file auth.h.

typedef union des_block

Definition at line 79 of file auth.h.


Enumeration Type Documentation

enum auth_stat
Enumerator:
AUTH_OK 
AUTH_BADCRED 
AUTH_REJECTEDCRED 
AUTH_BADVERF 
AUTH_REJECTEDVERF 
AUTH_TOOWEAK 
AUTH_INVALIDRESP 
AUTH_FAILED 

Definition at line 55 of file auth.h.

               {
       /* Status codes for RPC authentication.  Values 1-5 are grouped
          below as failures at the remote end, 6-7 as local failures.  */
       AUTH_OK=0,
       /*
        * failed at remote end
        */
       AUTH_BADCRED=1,                    /* bogus credentials (seal broken) */
       AUTH_REJECTEDCRED=2,        /* client should begin new session */
       AUTH_BADVERF=3,                    /* bogus verifier (seal broken) */
       AUTH_REJECTEDVERF=4,        /* verifier expired or was replayed */
       AUTH_TOOWEAK=5,                    /* rejected due to security reasons */
       /*
        * failed locally
       */
       AUTH_INVALIDRESP=6,         /* bogus response verifier */
       AUTH_FAILED=7               /* some unknown reason */
};

Function Documentation

AUTH* authdes_create ( const char *  __servername,
u_int  __window,
struct sockaddr *  __syncaddr,
des_block *  __ckey 
)

Definition at line 103 of file auth_des.c.

{
  /* Look up the public key for servername with getpublickey, wrap it in
     a netobj and delegate to authdes_pk_create.  Returns NULL when the
     lookup reports failure, otherwise whatever authdes_pk_create
     returns.  */
  char pkey_data[1024];	/* filled by getpublickey; read as a C string below */
  netobj pkey;

  if (!getpublickey (servername, pkey_data))
    return NULL;

  pkey.n_bytes = pkey_data;
  /* The length handed on includes the terminating NUL.
     NOTE(review): this relies on getpublickey leaving a NUL-terminated
     string inside the 1024-byte buffer -- confirm against its contract,
     since authdes_pk_create copies n_len bytes.  */
  pkey.n_len = strlen (pkey_data) + 1;
  return INTUSE(authdes_pk_create) (servername, &pkey, window, syncaddr, ckey);
}


AUTH* authdes_pk_create ( const char *  ,
netobj ,
u_int  ,
struct sockaddr ,
des_block  
)

Definition at line 122 of file auth_des.c.

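{
  /* Build an AUTH_DES handle for SERVERNAME from an already known server
     public key PKEY.  WINDOW is stored in the private data, *SYNCADDR is
     copied when SYNCADDR is non-NULL, and *CKEY is copied into the handle
     when CKEY is non-NULL; otherwise a conversation key is requested
     through key_gendes.  Returns the new handle, or NULL after releasing
     every partial allocation.  */
  AUTH *auth;
  struct ad_private *ad;
  char namebuf[MAXNETNAMELEN + 1];

  /*
   * Allocate everything now
   */
  auth = ALLOC (AUTH);
  ad = ALLOC (struct ad_private);

  /* Zero the private block as soon as it exists.  The cleanup code at
     `failed' reads ad->ad_fullname and ad->ad_servername, so they must be
     NULL rather than indeterminate when only the AUTH allocation
     failed.  */
  if (ad != NULL)
    memset (ad, 0, sizeof (struct ad_private));

  if (auth == NULL || ad == NULL)
    {
      debug ("authdes_create: out of memory");
      goto failed;
    }

  /* NOTE(review): the declaration of ad_pkey is not shown here; confirm
     that pkey->n_len cannot exceed its size before this copy.  */
  memcpy (ad->ad_pkey, pkey->n_bytes, pkey->n_len);
  if (!getnetname (namebuf))
    goto failed;
  /* NOTE(review): RNDUP is defined elsewhere.  If it rounds the length
     up, the copy of namebuf further down reads bytes beyond the string's
     terminator -- confirm they are initialised and inside the array.  */
  ad->ad_fullnamelen = RNDUP (strlen (namebuf));
  ad->ad_fullname = mem_alloc (ad->ad_fullnamelen + 1);

  ad->ad_servernamelen = strlen (servername);
  ad->ad_servername = mem_alloc (ad->ad_servernamelen + 1);

  if (ad->ad_fullname == NULL || ad->ad_servername == NULL)
    {
      debug ("authdes_create: out of memory");
      goto failed;
    }

  /*
   * Set up private data
   */
  memcpy (ad->ad_fullname, namebuf, ad->ad_fullnamelen + 1);
  memcpy (ad->ad_servername, servername, ad->ad_servernamelen + 1);
  ad->ad_timediff.tv_sec = ad->ad_timediff.tv_usec = 0;
  if (syncaddr != NULL)
    {
      ad->ad_syncaddr = *syncaddr;
      ad->ad_dosync = TRUE;
    }
  else
    ad->ad_dosync = FALSE;

  ad->ad_window = window;
  if (ckey == NULL)
    {
      if (key_gendes (&auth->ah_key) < 0)
	{
	  debug ("authdes_create: unable to gen conversation key");
	  goto failed;
	}
    }
  else
    auth->ah_key = *ckey;

  /*
   * Set up auth handle
   */
  auth->ah_cred.oa_flavor = AUTH_DES;
  auth->ah_verf.oa_flavor = AUTH_DES;
  auth->ah_ops = (struct auth_ops *) &authdes_ops;
  auth->ah_private = (caddr_t) ad;

  if (!authdes_refresh (auth))
    goto failed;

  return auth;

failed:
  /* NOTE(review): when the failure comes from authdes_refresh,
     auth->ah_key already holds the conversation key; it is released
     here without being cleared.  */
  if (auth != NULL)
    FREE (auth, sizeof (AUTH));
  if (ad != NULL)
    {
      /* Safe to inspect: ad was zeroed right after allocation, so these
	 are either NULL or pointers obtained from mem_alloc above.  */
      if (ad->ad_fullname != NULL)
	FREE (ad->ad_fullname, ad->ad_fullnamelen + 1);
      if (ad->ad_servername != NULL)
	FREE (ad->ad_servername, ad->ad_servernamelen + 1);
      FREE (ad, sizeof (struct ad_private));
    }
  return NULL;
}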


AUTH* authnone_create ( void  )

Definition at line 94 of file auth_none.c.

{
  /* Invoke authnone_create_once through __libc_once (presumably at most
     once per process -- confirm), then return the address of the
     no_client member of authnone_private.  Nothing is allocated here, so
     callers appear to share one object rather than receive a private
     handle.  */
  __libc_once (authnone_private_guard, authnone_create_once);
  return &authnone_private.no_client;
}


AUTH* authunix_create ( char *  __machname,
__uid_t  __uid,
__gid_t  __gid,
int  __len,
__gid_t *  __aup_gids 
)


Definition at line 162 of file auth_unix.c.

{
  /* NOTE(review): this body uses none of the five parameters of the
     prototype it is listed under and itself calls authunix_create, so it
     appears to be authunix_create_default.  It builds the credential
     from the local host name, the effective uid and gid, and the
     supplementary group list of the calling process.  */
  char machname[MAX_MACHINE_NAME + 1];

  /* A failing host-name lookup terminates the whole process.  */
  if (__gethostname (machname, MAX_MACHINE_NAME) == -1)
    abort ();
  /* Force termination; the call above was given one byte less than the
     array size.  */
  machname[MAX_MACHINE_NAME] = 0;
  uid_t uid = __geteuid ();
  gid_t gid = __getegid ();

  int max_nr_groups;
  /* When we have to try a second time, do not use alloca() again.  We
     might have reached the stack limit already.  */
  bool retry = false;
 again:
  /* Ask the kernel how many groups there are exactly.  Note that we
     might have to redo all this if the number of groups has changed
     between the two calls.  */
  /* NOTE(review): a -1 return is not checked here.  In the comparison
     below it is converted to the unsigned type of ALLOCA_LIMIT, so the
     malloc branch is taken with a wrapped size; presumably malloc then
     fails and NULL is returned -- confirm.  */
  max_nr_groups = __getgroups (0, NULL);

  /* Just some random reasonable stack limit.  */
#define ALLOCA_LIMIT (1024 / sizeof (gid_t))
  gid_t *gids = NULL;
  /* Stack allocation only on the first pass and only below the limit;
     every other case uses the heap and is freed explicitly below.  */
  if (max_nr_groups < ALLOCA_LIMIT && ! retry)
    gids = (gid_t *) alloca (max_nr_groups * sizeof (gid_t));
  else
    {
      gids = (gid_t *) malloc (max_nr_groups * sizeof (gid_t));
      if (gids == NULL)
       return NULL;
    }

  int len = __getgroups (max_nr_groups, gids);
  if (len == -1)
    {
      if (errno == EINVAL)
       {
         /* New groups added in the meantime.  Try again.  */
         /* Same condition as the malloc branch above: free only what
            came from the heap.  */
         if (max_nr_groups >= ALLOCA_LIMIT || retry)
           free (gids);
         retry = true;
         goto again;
       }
      /* No other error can happen.  */
      abort ();
    }

  /* This braindamaged Sun code forces us here to truncate the
     list of groups to NGRPS members since the code in
     authuxprot.c transforms a fixed array.  Grrr.  */
  /* Consequence of the MIN below: groups beyond the first NGRPS are left
     out of the credential that is sent.  */
  AUTH *result = INTUSE(authunix_create) (machname, uid, gid, MIN (NGRPS, len),
                                     gids);

  if (max_nr_groups >= ALLOCA_LIMIT || retry)
    free (gids);

  return result;
}


int getnetname ( char *  )


int host2netname ( char *  ,
__const char *  ,
__const char *   
)


int key_decryptsession ( char *  ,
des_block  
)

Definition at line 133 of file key_call.c.

{
  /* Send a KEY_DECRYPT request through key_call with remotename and a
     copy of *deskey.  On success *deskey is overwritten with the key
     from the reply and 0 is returned; -1 is returned when key_call
     fails or the reply status is not KEY_SUCCESS.  */
  cryptkeyarg arg;
  cryptkeyres res;

  arg.remotename = remotename;
  arg.deskey = *deskey;
  if (!key_call ((u_long) KEY_DECRYPT, (xdrproc_t) INTUSE(xdr_cryptkeyarg),
               (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
               (char *) &res))
    return -1;
  if (res.status != KEY_SUCCESS)
    {
      debug ("decrypt status is nonzero");
      return -1;
    }
  /* NOTE(review): arg and res still hold copies of the key on every
     return path; nothing in this function clears them.  */
  *deskey = res.cryptkeyres_u.deskey;
  return 0;
}


int key_decryptsession_pk ( char *  ,
netobj ,
des_block  
)


int key_encryptsession ( char *  ,
des_block  
)

Definition at line 111 of file key_call.c.

{
  /* Send a KEY_ENCRYPT request through key_call with remotename and a
     copy of *deskey.  On success *deskey is overwritten with the key
     from the reply and 0 is returned; -1 is returned when key_call
     fails or the reply status is not KEY_SUCCESS.  */
  cryptkeyarg arg;
  cryptkeyres res;

  arg.remotename = remotename;
  arg.deskey = *deskey;
  if (!key_call ((u_long) KEY_ENCRYPT, (xdrproc_t) INTUSE(xdr_cryptkeyarg),
               (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
               (char *) &res))
    return -1;

  if (res.status != KEY_SUCCESS)
    {
      debug ("encrypt status is nonzero");
      return -1;
    }
  /* NOTE(review): arg and res still hold copies of the key on every
     return path; nothing in this function clears them.  */
  *deskey = res.cryptkeyres_u.deskey;
  return 0;
}


int key_encryptsession_pk ( char *  ,
netobj ,
des_block  
)

Definition at line 154 of file key_call.c.

{
  /* Variant of the KEY_ENCRYPT request that also passes the peer's
     public key: sends KEY_ENCRYPT_PK through key_call with remotename,
     a copy of *remotekey and a copy of *deskey.  On success *deskey is
     overwritten with the key from the reply and 0 is returned; -1 is
     returned when key_call fails or the status is not KEY_SUCCESS.  */
  cryptkeyarg2 arg;
  cryptkeyres res;

  arg.remotename = remotename;
  /* Structure copy of the netobj: the length and data pointer are
     copied, so arg.remotekey refers to the caller's key bytes.  */
  arg.remotekey = *remotekey;
  arg.deskey = *deskey;
  if (!key_call ((u_long) KEY_ENCRYPT_PK, (xdrproc_t) INTUSE(xdr_cryptkeyarg2),
               (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
               (char *) &res))
    return -1;

  if (res.status != KEY_SUCCESS)
    {
      debug ("encrypt status is nonzero");
      return -1;
    }
  /* NOTE(review): arg and res still hold copies of the DES key on every
     return path; nothing in this function clears them.  */
  *deskey = res.cryptkeyres_u.deskey;
  return 0;
}


int key_get_conv ( char *  ,
des_block  
)

Definition at line 253 of file key_call.c.

{
  /* Send a KEY_GET_CONV request through key_call, passing pkey as the
     argument, and store the key from the reply in *deskey.  Returns 0 on
     success and -1 when key_call fails or the reply status is not
     KEY_SUCCESS; *deskey is written only on success.  */
  cryptkeyres res;

  if (!key_call ((u_long) KEY_GET_CONV, (xdrproc_t) INTUSE(xdr_keybuf), pkey,
               (xdrproc_t) INTUSE(xdr_cryptkeyres), (char *) &res))
    return -1;

  if (res.status != KEY_SUCCESS)
    {
      debug ("get_conv status is nonzero");
      return -1;
    }
  /* NOTE(review): res keeps a copy of the returned key after this
     function returns; nothing here clears it.  */
  *deskey = res.cryptkeyres_u.deskey;
  return 0;
}


Definition at line 92 of file key_call.c.

{
  /* NOTE(review): the page lists this body without its prototype; it
     takes no arguments, so it is presumably key_secretkey_is_set from
     the function summary -- confirm.
     Sends KEY_NET_GET through key_call and returns 1 only when the call
     succeeds, the status is KEY_SUCCESS and the first byte of the
     returned private key is non-zero; otherwise returns 0.  */
  struct key_netstres kres;

  memset (&kres, 0, sizeof (kres));
  if (key_call ((u_long) KEY_NET_GET, (xdrproc_t) INTUSE(xdr_void),
              (char *) NULL, (xdrproc_t) INTUSE(xdr_key_netstres),
              (char *) &kres) &&
      (kres.status == KEY_SUCCESS) &&
      (kres.key_netstres_u.knet.st_priv_key[0] != 0))
    {
      /* avoid leaving secret key in memory */
      /* NOTE(review): kres is a local that is not read again after this
         store, so an optimising compiler may be entitled to drop it;
         confirm the wipe survives in the built object.  Only the private
         key field is cleared, and only on this success path.  */
      memset (kres.key_netstres_u.knet.st_priv_key, 0, HEXKEYBYTES);
      return 1;
    }
  return 0;
}


int key_setsecret ( char *  )

Definition at line 70 of file key_call.c.

{
  /* Send a KEY_SET request through key_call, passing secretkey as the
     argument.  Returns 0 when the call succeeds and the reported status
     is KEY_SUCCESS, -1 otherwise.  The caller's secretkey buffer is not
     modified or cleared here.  */
  keystatus status;

  if (!key_call ((u_long) KEY_SET, (xdrproc_t) INTUSE(xdr_keybuf), secretkey,
               (xdrproc_t) INTUSE(xdr_keystatus), (char *) &status))
    return -1;
  if (status != KEY_SUCCESS)
    {
      debug ("set status is nonzero");
      return -1;
    }
  return 0;
}


int netname2host ( __const char *  ,
char *  ,
__const  int 
)
int netname2user ( __const char *  ,
uid_t ,
gid_t ,
int ,
gid_t  
)


int user2netname ( char *  ,
__const  uid_t,
__const char *   
)
bool_t xdr_des_block ( XDR __xdrs,
des_block __blkp 
)

Definition at line 72 of file rpc_prot.c.

{
  /* Pass the block to xdr_opaque as sizeof (des_block) raw bytes and
     return its result; the length is fixed at compile time, not taken
     from the stream.  */
  return INTUSE(xdr_opaque) (xdrs, (caddr_t) blkp, sizeof (des_block));
}


bool_t xdr_opaque_auth ( XDR ,
struct opaque_auth  
)

Definition at line 58 of file rpc_prot.c.

{
  /* Process an opaque_auth in two steps: the flavor through xdr_enum,
     then the body through xdr_bytes with MAX_AUTH_BYTES as the size
     limit argument.  Returns FALSE when the flavor step fails, otherwise
     the result of xdr_bytes.
     NOTE(review): the flavor value itself is not range-checked here, and
     rejection of an oversized oa_length is left to xdr_bytes --
     presumably it fails for lengths above the limit; verify.  */

  if (INTUSE(xdr_enum) (xdrs, &(ap->oa_flavor)))
    return INTUSE(xdr_bytes) (xdrs, &ap->oa_base,
                    &ap->oa_length, MAX_AUTH_BYTES);
  return FALSE;
}
