Back to index

glibc  2.9
svc_authux.c
Go to the documentation of this file.
00001 /*
00002  * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
00003  * unrestricted use provided that this legend is included on all tape
00004  * media and as a part of the software program in whole or part.  Users
00005  * may copy or modify Sun RPC without charge, but are not authorized
00006  * to license or distribute it to anyone else except as part of a product or
00007  * program developed by the user.
00008  *
00009  * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
00010  * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
00011  * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
00012  *
00013  * Sun RPC is provided with no support and without any obligation on the
00014  * part of Sun Microsystems, Inc. to assist in its use, correction,
00015  * modification or enhancement.
00016  *
00017  * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
00018  * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
00019  * OR ANY PART THEREOF.
00020  *
00021  * In no event will Sun Microsystems, Inc. be liable for any lost revenue
00022  * or profits or other special, indirect and consequential damages, even if
00023  * Sun has been advised of the possibility of such damages.
00024  *
00025  * Sun Microsystems, Inc.
00026  * 2550 Garcia Avenue
00027  * Mountain View, California  94043
00028  */
00029 
00030 /*
00031  * svc_auth_unix.c
00032  * Handles UNIX flavor authentication parameters on the service side of rpc.
00033  * There are two svc auth implementations here: AUTH_UNIX and AUTH_SHORT.
00034  * _svcauth_unix does full blown unix style uid,gid+gids auth,
00035  * _svcauth_short uses a shorthand auth to index into a cache of longhand auths.
00036  * Note: the shorthand has been gutted for efficiency.
00037  *
00038  * Copyright (C) 1984, Sun Microsystems, Inc.
00039  */
00040 
00041 #include <stdio.h>
00042 #include <string.h>
00043 #include <rpc/rpc.h>
00044 #include <rpc/svc.h>
00045 
00046 /*
00047  * Unix longhand authenticator
00048  */
00049 enum auth_stat
00050 _svcauth_unix (struct svc_req *rqst, struct rpc_msg *msg)
00051 {
00052   enum auth_stat stat;
00053   XDR xdrs;
00054   struct authunix_parms *aup;
00055   int32_t *buf;
00056   struct area
00057     {
00058       struct authunix_parms area_aup;
00059       char area_machname[MAX_MACHINE_NAME + 1];
00060       gid_t area_gids[NGRPS];
00061     }
00062    *area;
00063   u_int auth_len;
00064   u_int str_len, gid_len;
00065   u_int i;
00066 
00067   area = (struct area *) rqst->rq_clntcred;
00068   aup = &area->area_aup;
00069   aup->aup_machname = area->area_machname;
00070   aup->aup_gids = area->area_gids;
00071   auth_len = (u_int) msg->rm_call.cb_cred.oa_length;
00072   INTUSE(xdrmem_create) (&xdrs, msg->rm_call.cb_cred.oa_base, auth_len,
00073                       XDR_DECODE);
00074   buf = XDR_INLINE (&xdrs, auth_len);
00075   if (buf != NULL)
00076     {
00077       aup->aup_time = IXDR_GET_LONG (buf);
00078       str_len = IXDR_GET_U_INT32 (buf);
00079       if (str_len > MAX_MACHINE_NAME)
00080        {
00081          stat = AUTH_BADCRED;
00082          goto done;
00083        }
00084       memcpy (aup->aup_machname, (caddr_t) buf, (u_int) str_len);
00085       aup->aup_machname[str_len] = 0;
00086       str_len = RNDUP (str_len);
00087       buf = (int32_t *) ((char *) buf + str_len);
00088       aup->aup_uid = IXDR_GET_LONG (buf);
00089       aup->aup_gid = IXDR_GET_LONG (buf);
00090       gid_len = IXDR_GET_U_INT32 (buf);
00091       if (gid_len > NGRPS)
00092        {
00093          stat = AUTH_BADCRED;
00094          goto done;
00095        }
00096       aup->aup_len = gid_len;
00097       for (i = 0; i < gid_len; i++)
00098        {
00099          aup->aup_gids[i] = IXDR_GET_LONG (buf);
00100        }
00101       /*
00102        * five is the smallest unix credentials structure -
00103        * timestamp, hostname len (0), uid, gid, and gids len (0).
00104        */
00105       if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len)
00106        {
00107          stat = AUTH_BADCRED;
00108          goto done;
00109        }
00110     }
00111   else if (!INTUSE(xdr_authunix_parms) (&xdrs, aup))
00112     {
00113       xdrs.x_op = XDR_FREE;
00114       (void) INTUSE(xdr_authunix_parms) (&xdrs, aup);
00115       stat = AUTH_BADCRED;
00116       goto done;
00117     }
00118 
00119   /* get the verifier */
00120   if ((u_int)msg->rm_call.cb_verf.oa_length)
00121     {
00122       rqst->rq_xprt->xp_verf.oa_flavor =
00123        msg->rm_call.cb_verf.oa_flavor;
00124       rqst->rq_xprt->xp_verf.oa_base =
00125        msg->rm_call.cb_verf.oa_base;
00126       rqst->rq_xprt->xp_verf.oa_length =
00127        msg->rm_call.cb_verf.oa_length;
00128     }
00129   else
00130     {
00131       rqst->rq_xprt->xp_verf.oa_flavor = AUTH_NULL;
00132       rqst->rq_xprt->xp_verf.oa_length = 0;
00133     }
00134   stat = AUTH_OK;
00135 done:
00136   XDR_DESTROY (&xdrs);
00137   return stat;
00138 }
00139 
00140 
00141 /*
00142  * Shorthand unix authenticator
00143  * Looks up longhand in a cache.
00144  */
00145 /*ARGSUSED */
00146 enum auth_stat
00147 _svcauth_short (struct svc_req *rqst, struct rpc_msg *msg)
00148 {
00149   return AUTH_REJECTEDCRED;
00150 }