Back to index

glibc  2.9
svc_auth.c
Go to the documentation of this file.
00001 /* @(#)svc_auth.c       2.4 88/08/15 4.0 RPCSRC */
00002 /*
00003  * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
00004  * unrestricted use provided that this legend is included on all tape
00005  * media and as a part of the software program in whole or part.  Users
00006  * may copy or modify Sun RPC without charge, but are not authorized
00007  * to license or distribute it to anyone else except as part of a product or
00008  * program developed by the user.
00009  *
00010  * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
00011  * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
00012  * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
00013  *
00014  * Sun RPC is provided with no support and without any obligation on the
00015  * part of Sun Microsystems, Inc. to assist in its use, correction,
00016  * modification or enhancement.
00017  *
00018  * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
00019  * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
00020  * OR ANY PART THEREOF.
00021  *
00022  * In no event will Sun Microsystems, Inc. be liable for any lost revenue
00023  * or profits or other special, indirect and consequential damages, even if
00024  * Sun has been advised of the possibility of such damages.
00025  *
00026  * Sun Microsystems, Inc.
00027  * 2550 Garcia Avenue
00028  * Mountain View, California  94043
00029  */
00030 #if !defined(lint) && defined(SCCSIDS)
00031 static char sccsid[] = "@(#)svc_auth.c 1.19 87/08/11 Copyr 1984 Sun Micro";
00032 #endif
00033 
00034 /*
00035  * svc_auth.c, Server-side rpc authenticator interface.
00036  *
00037  * Copyright (C) 1984, Sun Microsystems, Inc.
00038  */
00039 
00040 #include <rpc/rpc.h>
00041 #include <rpc/svc.h>
00042 #include <rpc/svc_auth.h>
00043 
00044 /*
00045  * svcauthsw is the bdevsw of server side authentication.
00046  *
00047  * Server side authenticators are called from authenticate by
00048  * using the client auth struct flavor field to index into svcauthsw.
00049  * The server auth flavors must implement a routine that looks
00050  * like:
00051  *
00052  *      enum auth_stat
00053  *      flavorx_auth(rqst, msg)
00054  *              register struct svc_req *rqst;
00055  *              register struct rpc_msg *msg;
00056  *
00057  */
00058 
00059 static enum auth_stat _svcauth_null (struct svc_req *, struct rpc_msg *);
00060                             /* no authentication */
00061 extern enum auth_stat _svcauth_unix (struct svc_req *, struct rpc_msg *);
00062                             /* unix style (uid, gids) */
00063 extern enum auth_stat _svcauth_short (struct svc_req *, struct rpc_msg *);
00064                             /* short hand unix style */
00065 extern enum auth_stat _svcauth_des (struct svc_req *, struct rpc_msg *);
00066                             /* des style */
00067 
00068 static const struct
00069   {
00070     enum auth_stat (*authenticator) (struct svc_req *, struct rpc_msg *);
00071   }
00072 svcauthsw[] =
00073 {
00074   { _svcauth_null },        /* AUTH_NULL */
00075   { _svcauth_unix },        /* AUTH_UNIX */
00076   { _svcauth_short },              /* AUTH_SHORT */
00077   { _svcauth_des }          /* AUTH_DES */
00078 };
00079 #define       AUTH_MAX      3      /* HIGHEST AUTH NUMBER */
00080 
00081 
00082 /*
00083  * The call rpc message, msg has been obtained from the wire.  The msg contains
00084  * the raw form of credentials and verifiers.  authenticate returns AUTH_OK
00085  * if the msg is successfully authenticated.  If AUTH_OK then the routine also
00086  * does the following things:
00087  * set rqst->rq_xprt->verf to the appropriate response verifier;
00088  * sets rqst->rq_client_cred to the "cooked" form of the credentials.
00089  *
00090  * NB: rqst->rq_cxprt->verf must be pre-allocated;
00091  * its length is set appropriately.
00092  *
00093  * The caller still owns and is responsible for msg->u.cmb.cred and
00094  * msg->u.cmb.verf.  The authentication system retains ownership of
00095  * rqst->rq_client_cred, the cooked credentials.
00096  *
00097  * There is an assumption that any flavour less than AUTH_NULL is
00098  * invalid.
00099  */
00100 enum auth_stat
00101 _authenticate (register struct svc_req *rqst, struct rpc_msg *msg)
00102 {
00103   register int cred_flavor;
00104 
00105   rqst->rq_cred = msg->rm_call.cb_cred;
00106   rqst->rq_xprt->xp_verf.oa_flavor = _null_auth.oa_flavor;
00107   rqst->rq_xprt->xp_verf.oa_length = 0;
00108   cred_flavor = rqst->rq_cred.oa_flavor;
00109   if ((cred_flavor <= AUTH_MAX) && (cred_flavor >= AUTH_NULL))
00110     return (*(svcauthsw[cred_flavor].authenticator)) (rqst, msg);
00111 
00112   return AUTH_REJECTEDCRED;
00113 }
00114 INTDEF(_authenticate)
00115 
00116 static enum auth_stat
00117 _svcauth_null (struct svc_req *rqst, struct rpc_msg *msg)
00118 {
00119   return AUTH_OK;
00120 }