(root)/
glibc-2.38/
sunrpc/
svc_authux.c
       1  /*
       2   * svc_auth_unix.c
       3   * Handles UNIX flavor authentication parameters on the service side of rpc.
       4   * There are two svc auth implementations here: AUTH_UNIX and AUTH_SHORT.
       5   * _svcauth_unix does full blown unix style uid,gid+gids auth,
       6   * _svcauth_short uses a shorthand auth to index into a cache of longhand auths.
       7   * Note: the shorthand has been gutted for efficiency.
       8   *
       9   * Copyright (c) 2010, Oracle America, Inc.
      10   *
      11   * Redistribution and use in source and binary forms, with or without
      12   * modification, are permitted provided that the following conditions are
      13   * met:
      14   *
      15   *     * Redistributions of source code must retain the above copyright
      16   *       notice, this list of conditions and the following disclaimer.
      17   *     * Redistributions in binary form must reproduce the above
      18   *       copyright notice, this list of conditions and the following
      19   *       disclaimer in the documentation and/or other materials
      20   *       provided with the distribution.
      21   *     * Neither the name of the "Oracle America, Inc." nor the names of its
      22   *       contributors may be used to endorse or promote products derived
      23   *       from this software without specific prior written permission.
      24   *
      25   *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
      26   *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
      27   *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
      28   *   FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
      29   *   COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
      30   *   INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
      31   *   DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
      32   *   GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
      33   *   INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
      34   *   WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
      35   *   NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
      36   *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
      37   */
      38  
      39  #include <stdio.h>
      40  #include <string.h>
      41  #include <rpc/rpc.h>
      42  #include <rpc/svc.h>
      43  
      44  /*
      45   * Unix longhand authenticator
      46   */
      47  enum auth_stat
      48  _svcauth_unix (struct svc_req *rqst, struct rpc_msg *msg)
      49  {
      50    enum auth_stat stat;
      51    XDR xdrs;
      52    struct authunix_parms *aup;
      53    int32_t *buf;
      54    struct area
      55      {
      56        struct authunix_parms area_aup;
      57        char area_machname[MAX_MACHINE_NAME + 1];
      58        gid_t area_gids[NGRPS];
      59      }
      60     *area;
      61    u_int auth_len;
      62    u_int str_len, gid_len;
      63    u_int i;
      64  
      65    area = (struct area *) rqst->rq_clntcred;
      66    aup = &area->area_aup;
      67    aup->aup_machname = area->area_machname;
      68    aup->aup_gids = area->area_gids;
      69    auth_len = (u_int) msg->rm_call.cb_cred.oa_length;
      70    xdrmem_create (&xdrs, msg->rm_call.cb_cred.oa_base, auth_len, XDR_DECODE);
      71    buf = XDR_INLINE (&xdrs, auth_len);
      72    if (buf != NULL)
      73      {
      74        aup->aup_time = IXDR_GET_LONG (buf);
      75        str_len = IXDR_GET_U_INT32 (buf);
      76        if (str_len > MAX_MACHINE_NAME)
      77  	{
      78  	  stat = AUTH_BADCRED;
      79  	  goto done;
      80  	}
      81        memcpy (aup->aup_machname, (caddr_t) buf, (u_int) str_len);
      82        aup->aup_machname[str_len] = 0;
      83        str_len = RNDUP (str_len);
      84        buf = (int32_t *) ((char *) buf + str_len);
      85        aup->aup_uid = IXDR_GET_LONG (buf);
      86        aup->aup_gid = IXDR_GET_LONG (buf);
      87        gid_len = IXDR_GET_U_INT32 (buf);
      88        if (gid_len > NGRPS)
      89  	{
      90  	  stat = AUTH_BADCRED;
      91  	  goto done;
      92  	}
      93        aup->aup_len = gid_len;
      94        for (i = 0; i < gid_len; i++)
      95  	{
      96  	  aup->aup_gids[i] = IXDR_GET_LONG (buf);
      97  	}
      98        /*
      99         * five is the smallest unix credentials structure -
     100         * timestamp, hostname len (0), uid, gid, and gids len (0).
     101         */
     102        if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len)
     103  	{
     104  	  stat = AUTH_BADCRED;
     105  	  goto done;
     106  	}
     107      }
     108    else if (!xdr_authunix_parms (&xdrs, aup))
     109      {
     110        xdrs.x_op = XDR_FREE;
     111        (void) xdr_authunix_parms (&xdrs, aup);
     112        stat = AUTH_BADCRED;
     113        goto done;
     114      }
     115  
     116    /* get the verifier */
     117    if ((u_int)msg->rm_call.cb_verf.oa_length)
     118      {
     119        rqst->rq_xprt->xp_verf.oa_flavor =
     120  	msg->rm_call.cb_verf.oa_flavor;
     121        rqst->rq_xprt->xp_verf.oa_base =
     122  	msg->rm_call.cb_verf.oa_base;
     123        rqst->rq_xprt->xp_verf.oa_length =
     124  	msg->rm_call.cb_verf.oa_length;
     125      }
     126    else
     127      {
     128        rqst->rq_xprt->xp_verf.oa_flavor = AUTH_NULL;
     129        rqst->rq_xprt->xp_verf.oa_length = 0;
     130      }
     131    stat = AUTH_OK;
     132  done:
     133    XDR_DESTROY (&xdrs);
     134    return stat;
     135  }
     136  
     137  
     138  /*
     139   * Shorthand unix authenticator
     140   * Looks up longhand in a cache.
     141   */
     142  /*ARGSUSED */
     143  enum auth_stat
     144  _svcauth_short (struct svc_req *rqst, struct rpc_msg *msg)
     145  {
     146    return AUTH_REJECTEDCRED;
     147  }