svc_auth_unix.c 4.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132
  1. /* @(#)svc_auth_unix.c 2.3 88/08/01 4.0 RPCSRC; from 1.28 88/02/08 SMI */
  2. /*
  3. * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
  4. * unrestricted use provided that this legend is included on all tape
  5. * media and as a part of the software program in whole or part. Users
  6. * may copy or modify Sun RPC without charge, but are not authorized
  7. * to license or distribute it to anyone else except as part of a product or
  8. * program developed by the user.
  9. *
  10. * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
  11. * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
  12. * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
  13. *
  14. * Sun RPC is provided with no support and without any obligation on the
  15. * part of Sun Microsystems, Inc. to assist in its use, correction,
  16. * modification or enhancement.
  17. *
  18. * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
  19. * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
  20. * OR ANY PART THEREOF.
  21. *
  22. * In no event will Sun Microsystems, Inc. be liable for any lost revenue
  23. * or profits or other special, indirect and consequential damages, even if
  24. * Sun has been advised of the possibility of such damages.
  25. *
  26. * Sun Microsystems, Inc.
  27. * 2550 Garcia Avenue
  28. * Mountain View, California 94043
  29. */
  30. #define __FORCE_GLIBC__
  31. #include <features.h>
  32. /*
  33. * svc_auth_unix.c
  34. * Handles UNIX flavor authentication parameters on the service side of rpc.
  35. * There are two svc auth implementations here: AUTH_UNIX and AUTH_SHORT.
  36. * _svcauth_unix does full blown unix style uid,gid+gids auth,
  37. * _svcauth_short uses a shorthand auth to index into a cache of longhand auths.
  38. * Note: the shorthand has been gutted for efficiency.
  39. *
  40. * Copyright (C) 1984, Sun Microsystems, Inc.
  41. */
  42. #include <stdio.h>
  43. #include <rpc/rpc.h>
  44. /*
  45. * Unix longhand authenticator
  46. */
  47. enum auth_stat _svcauth_unix(rqst, msg)
  48. register struct svc_req *rqst;
  49. register struct rpc_msg *msg;
  50. {
  51. register enum auth_stat stat;
  52. XDR xdrs;
  53. register struct authunix_parms *aup;
  54. register long *buf;
  55. struct area {
  56. struct authunix_parms area_aup;
  57. char area_machname[MAX_MACHINE_NAME + 1];
  58. int area_gids[NGRPS];
  59. } *area;
  60. u_int auth_len;
  61. int str_len, gid_len;
  62. register int i;
  63. area = (struct area *) rqst->rq_clntcred;
  64. aup = &area->area_aup;
  65. aup->aup_machname = area->area_machname;
  66. aup->aup_gids = area->area_gids;
  67. auth_len = (u_int) msg->rm_call.cb_cred.oa_length;
  68. xdrmem_create(&xdrs, msg->rm_call.cb_cred.oa_base, auth_len,
  69. XDR_DECODE);
  70. buf = (long *)XDR_INLINE(&xdrs, auth_len);
  71. if (buf != NULL) {
  72. aup->aup_time = IXDR_GET_LONG(buf);
  73. str_len = IXDR_GET_U_LONG(buf);
  74. if (str_len > MAX_MACHINE_NAME) {
  75. stat = AUTH_BADCRED;
  76. goto done;
  77. }
  78. bcopy((caddr_t) buf, aup->aup_machname, (u_int) str_len);
  79. aup->aup_machname[str_len] = 0;
  80. str_len = RNDUP(str_len);
  81. buf += str_len / sizeof(long);
  82. aup->aup_uid = IXDR_GET_LONG(buf);
  83. aup->aup_gid = IXDR_GET_LONG(buf);
  84. gid_len = IXDR_GET_U_LONG(buf);
  85. if (gid_len > NGRPS) {
  86. stat = AUTH_BADCRED;
  87. goto done;
  88. }
  89. aup->aup_len = gid_len;
  90. for (i = 0; i < gid_len; i++) {
  91. aup->aup_gids[i] = IXDR_GET_LONG(buf);
  92. }
  93. /*
  94. * five is the smallest unix credentials structure -
  95. * timestamp, hostname len (0), uid, gid, and gids len (0).
  96. */
  97. if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len) {
  98. (void) printf("bad auth_len gid %d str %d auth %d\n",
  99. gid_len, str_len, auth_len);
  100. stat = AUTH_BADCRED;
  101. goto done;
  102. }
  103. } else if (!xdr_authunix_parms(&xdrs, aup)) {
  104. xdrs.x_op = XDR_FREE;
  105. (void) xdr_authunix_parms(&xdrs, aup);
  106. stat = AUTH_BADCRED;
  107. goto done;
  108. }
  109. rqst->rq_xprt->xp_verf.oa_flavor = AUTH_NULL;
  110. rqst->rq_xprt->xp_verf.oa_length = 0;
  111. stat = AUTH_OK;
  112. done:
  113. XDR_DESTROY(&xdrs);
  114. return (stat);
  115. }
  116. /*
  117. * Shorthand unix authenticator
  118. * Looks up longhand in a cache.
  119. */
  120. /*ARGSUSED*/ enum auth_stat _svcauth_short(rqst, msg)
  121. struct svc_req *rqst;
  122. struct rpc_msg *msg;
  123. {
  124. return (AUTH_REJECTEDCRED);
  125. }