1 | #include <machine/rtems-bsd-user-space.h> |
---|
2 | |
---|
3 | /*- |
---|
4 | * SPDX-License-Identifier: BSD-3-Clause |
---|
5 | * |
---|
6 | * Copyright (c) 2009, Sun Microsystems, Inc. |
---|
7 | * All rights reserved. |
---|
8 | * |
---|
9 | * Redistribution and use in source and binary forms, with or without |
---|
10 | * modification, are permitted provided that the following conditions are met: |
---|
11 | * - Redistributions of source code must retain the above copyright notice, |
---|
12 | * this list of conditions and the following disclaimer. |
---|
13 | * - Redistributions in binary form must reproduce the above copyright notice, |
---|
14 | * this list of conditions and the following disclaimer in the documentation |
---|
15 | * and/or other materials provided with the distribution. |
---|
16 | * - Neither the name of Sun Microsystems, Inc. nor the names of its |
---|
17 | * contributors may be used to endorse or promote products derived |
---|
18 | * from this software without specific prior written permission. |
---|
19 | * |
---|
20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
---|
21 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
---|
22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
---|
23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE |
---|
24 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
---|
25 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
---|
26 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
---|
27 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
---|
28 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
---|
29 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
---|
30 | * POSSIBILITY OF SUCH DAMAGE. |
---|
31 | */ |
---|
32 | |
---|
33 | #if defined(LIBC_SCCS) && !defined(lint) |
---|
34 | static char *sccsid2 = "@(#)svc_auth_unix.c 1.28 88/02/08 Copyr 1984 Sun Micro"; |
---|
35 | static char *sccsid = "@(#)svc_auth_unix.c 2.3 88/08/01 4.0 RPCSRC"; |
---|
36 | #endif |
---|
37 | #include <sys/cdefs.h> |
---|
38 | __FBSDID("$FreeBSD$"); |
---|
39 | |
---|
40 | /* |
---|
41 | * svc_auth_unix.c |
---|
42 | * Handles UNIX flavor authentication parameters on the service side of rpc. |
---|
43 | * There are two svc auth implementations here: AUTH_UNIX and AUTH_SHORT. |
---|
44 | * _svcauth_unix does full blown unix style uid,gid+gids auth, |
---|
45 | * _svcauth_short uses a shorthand auth to index into a cache of longhand auths. |
---|
46 | * Note: the shorthand has been gutted for efficiency. |
---|
47 | * |
---|
48 | * Copyright (C) 1984, Sun Microsystems, Inc. |
---|
49 | */ |
---|
50 | |
---|
51 | #include "namespace.h" |
---|
52 | #include <assert.h> |
---|
53 | #include <stdio.h> |
---|
54 | #include <string.h> |
---|
55 | |
---|
56 | #include <rpc/rpc.h> |
---|
57 | #include "un-namespace.h" |
---|
58 | |
---|
59 | /* |
---|
60 | * Unix longhand authenticator |
---|
61 | */ |
---|
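/*
 * Decode an AUTH_UNIX credential from the call header into the
 * caller-provided credential area and record the verifier on the transport.
 *
 * rqst: service request; rq_clntcred is used as storage for the decoded
 *       authunix_parms, machine name and group list, and rq_xprt->xp_verf
 *       receives the verifier.
 * msg:  RPC call message; cb_cred holds the opaque credential bytes and
 *       cb_verf the verifier.
 *
 * Returns AUTH_OK when the credential is structurally valid, AUTH_BADCRED
 * otherwise.
 *
 * This routine only checks that the credential is well-formed.  The uid,
 * gid, group list and machine name are copied from the message as sent;
 * nothing here verifies that they are genuine, so callers must not treat
 * AUTH_OK as proof of identity.
 *
 * NOTE: the asserts are the only NULL checks on rqst and msg, and they are
 * compiled out when NDEBUG is defined.
 */
enum auth_stat
_svcauth_unix(struct svc_req *rqst, struct rpc_msg *msg)
{
	enum auth_stat stat;
	XDR xdrs;
	struct authunix_parms *aup;
	int32_t *buf;
	struct area {
		struct authunix_parms area_aup;
		char area_machname[MAX_MACHINE_NAME+1];
		u_int area_gids[NGRPS];
	} *area;
	u_int auth_len;
	size_t name_len, str_len, gid_len;
	u_int i;

	assert(rqst != NULL);
	assert(msg != NULL);

	/* Known values for the diagnostic if we bail out before parsing them. */
	str_len = 0;
	gid_len = 0;

	area = (struct area *) rqst->rq_clntcred;
	aup = &area->area_aup;
	aup->aup_machname = area->area_machname;
	aup->aup_gids = area->area_gids;
	auth_len = (u_int)msg->rm_call.cb_cred.oa_length;
	xdrmem_create(&xdrs, msg->rm_call.cb_cred.oa_base, auth_len,XDR_DECODE);
	buf = XDR_INLINE(&xdrs, auth_len);
	if (buf != NULL) {
		/*
		 * Fast path: parse the credential directly from the buffer.
		 * Every read below is preceded by a check that auth_len
		 * covers it, so no field is taken from bytes past the
		 * credential the sender actually supplied.
		 *
		 * five is the smallest unix credentials structure -
		 * timestamp, hostname len (0), uid, gid, and gids len (0).
		 */
		if (auth_len < 5 * BYTES_PER_XDR_UNIT)
			goto bad_len;

		aup->aup_time = IXDR_GET_INT32(buf);
		name_len = (size_t)IXDR_GET_U_INT32(buf);
		if (name_len > MAX_MACHINE_NAME) {
			stat = AUTH_BADCRED;
			goto done;
		}
		/* The name occupies a whole number of XDR units on the wire. */
		str_len = RNDUP(name_len);
		if (5 * BYTES_PER_XDR_UNIT + str_len > auth_len)
			goto bad_len;
		memmove(aup->aup_machname, buf, name_len);
		/* area_machname has MAX_MACHINE_NAME+1 bytes, so this fits. */
		aup->aup_machname[name_len] = 0;
		buf += str_len / sizeof (int32_t);

		aup->aup_uid = (int)IXDR_GET_INT32(buf);
		aup->aup_gid = (int)IXDR_GET_INT32(buf);
		gid_len = (size_t)IXDR_GET_U_INT32(buf);
		if (gid_len > NGRPS) {
			stat = AUTH_BADCRED;
			goto done;
		}
		/* Confirm the group list is present before reading it. */
		if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len)
			goto bad_len;
		aup->aup_len = gid_len;
		for (i = 0; i < gid_len; i++) {
			aup->aup_gids[i] = (int)IXDR_GET_INT32(buf);
		}
	} else if (! xdr_authunix_parms(&xdrs, aup)) {
		/*
		 * Slow path: XDR_INLINE gave no buffer, so use the generic
		 * decoder and release whatever it set up on failure.
		 *
		 * NOTE(review): aup_machname and aup_gids point into the
		 * caller-supplied area (set above), not at memory obtained by
		 * the XDR routines -- confirm the XDR_FREE pass cannot try to
		 * release them.
		 */
		xdrs.x_op = XDR_FREE;
		(void)xdr_authunix_parms(&xdrs, aup);
		stat = AUTH_BADCRED;
		goto done;
	}

	/* get the verifier */
	if ((u_int)msg->rm_call.cb_verf.oa_length) {
		rqst->rq_xprt->xp_verf.oa_flavor =
		    msg->rm_call.cb_verf.oa_flavor;
		rqst->rq_xprt->xp_verf.oa_base =
		    msg->rm_call.cb_verf.oa_base;
		rqst->rq_xprt->xp_verf.oa_length =
		    msg->rm_call.cb_verf.oa_length;
	} else {
		rqst->rq_xprt->xp_verf.oa_flavor = AUTH_NULL;
		rqst->rq_xprt->xp_verf.oa_length = 0;
	}
	stat = AUTH_OK;
	goto done;

bad_len:
	/* The credential is shorter than the fields it claims to carry. */
	(void) printf("bad auth_len gid %ld str %ld auth %u\n",
	    (long)gid_len, (long)str_len, auth_len);
	stat = AUTH_BADCRED;
done:
	XDR_DESTROY(&xdrs);
	return (stat);
}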
---|
144 | |
---|
145 | |
---|
146 | /* |
---|
147 | * Shorthand unix authenticator |
---|
148 | * Looks up longhand in a cache. |
---|
149 | */ |
---|
150 | /*ARGSUSED*/ |
---|
enum auth_stat
_svcauth_short(struct svc_req *rqst, struct rpc_msg *msg)
{
	/*
	 * No shorthand cache lookup is performed here: the function
	 * refuses every AUTH_SHORT credential unconditionally and does
	 * not look at either argument.
	 */
	(void)rqst;
	(void)msg;

	return AUTH_REJECTEDCRED;
}
---|