auth_unix.c revision 1.1.4.1
1 /* 2 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for 3 * unrestricted use provided that this legend is included on all tape 4 * media and as a part of the software program in whole or part. Users 5 * may copy or modify Sun RPC without charge, but are not authorized 6 * to license or distribute it to anyone else except as part of a product or 7 * program developed by the user. 8 * 9 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE 10 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR 11 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. 12 * 13 * Sun RPC is provided with no support and without any obligation on the 14 * part of Sun Microsystems, Inc. to assist in its use, correction, 15 * modification or enhancement. 16 * 17 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE 18 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC 19 * OR ANY PART THEREOF. 20 * 21 * In no event will Sun Microsystems, Inc. be liable for any lost revenue 22 * or profits or other special, indirect and consequential damages, even if 23 * Sun has been advised of the possibility of such damages. 24 * 25 * Sun Microsystems, Inc. 26 * 2550 Garcia Avenue 27 * Mountain View, California 94043 28 */ 29 30 #if defined(LIBC_SCCS) && !defined(lint) 31 /*static char *sccsid = "from: @(#)auth_unix.c 1.19 87/08/11 Copyr 1984 Sun Micro";*/ 32 /*static char *sccsid = "from: @(#)auth_unix.c 2.2 88/08/01 4.0 RPCSRC";*/ 33 static char *rcsid = "$Id: auth_unix.c,v 1.1.4.1 1995/05/02 19:36:00 jtc Exp $"; 34 #endif 35 36 /* 37 * auth_unix.c, Implements UNIX style authentication parameters. 38 * 39 * Copyright (C) 1984, Sun Microsystems, Inc. 40 * 41 * The system is very weak. The client uses no encryption for it's 42 * credentials and only sends null verifiers. The server sends backs 43 * null verifiers or optionally a verifier that suggests a new short hand 44 * for the credentials. 45 * 46 */ 47 48 #include "namespace.h" 49 #include <stdio.h> 50 #include <stdlib.h> 51 52 #include <rpc/types.h> 53 #include <rpc/xdr.h> 54 #include <rpc/auth.h> 55 #include <rpc/auth_unix.h> 56 57 /* 58 * Unix authenticator operations vector 59 */ 60 static void authunix_nextverf(); 61 static bool_t authunix_marshal(); 62 static bool_t authunix_validate(); 63 static bool_t authunix_refresh(); 64 static void authunix_destroy(); 65 66 static struct auth_ops auth_unix_ops = { 67 authunix_nextverf, 68 authunix_marshal, 69 authunix_validate, 70 authunix_refresh, 71 authunix_destroy 72 }; 73 74 /* 75 * This struct is pointed to by the ah_private field of an auth_handle. 76 */ 77 struct audata { 78 struct opaque_auth au_origcred; /* original credentials */ 79 struct opaque_auth au_shcred; /* short hand cred */ 80 u_long au_shfaults; /* short hand cache faults */ 81 char au_marshed[MAX_AUTH_BYTES]; 82 u_int au_mpos; /* xdr pos at end of marshed */ 83 }; 84 #define AUTH_PRIVATE(auth) ((struct audata *)auth->ah_private) 85 86 static bool_t marshal_new_auth(); 87 88 89 /* 90 * Create a unix style authenticator. 91 * Returns an auth handle with the given stuff in it. 92 */ 93 AUTH * 94 authunix_create(machname, uid, gid, len, aup_gids) 95 char *machname; 96 int uid; 97 int gid; 98 register int len; 99 int *aup_gids; 100 { 101 struct authunix_parms aup; 102 char mymem[MAX_AUTH_BYTES]; 103 struct timeval now; 104 XDR xdrs; 105 register AUTH *auth; 106 register struct audata *au; 107 108 /* 109 * Allocate and set up auth handle 110 */ 111 auth = (AUTH *)mem_alloc(sizeof(*auth)); 112 #ifndef KERNEL 113 if (auth == NULL) { 114 (void)fprintf(stderr, "authunix_create: out of memory\n"); 115 return (NULL); 116 } 117 #endif 118 au = (struct audata *)mem_alloc(sizeof(*au)); 119 #ifndef KERNEL 120 if (au == NULL) { 121 (void)fprintf(stderr, "authunix_create: out of memory\n"); 122 return (NULL); 123 } 124 #endif 125 auth->ah_ops = &auth_unix_ops; 126 auth->ah_private = (caddr_t)au; 127 auth->ah_verf = au->au_shcred = _null_auth; 128 au->au_shfaults = 0; 129 130 /* 131 * fill in param struct from the given params 132 */ 133 (void)gettimeofday(&now, (struct timezone *)0); 134 aup.aup_time = now.tv_sec; 135 aup.aup_machname = machname; 136 aup.aup_uid = uid; 137 aup.aup_gid = gid; 138 aup.aup_len = (u_int)len; 139 aup.aup_gids = aup_gids; 140 141 /* 142 * Serialize the parameters into origcred 143 */ 144 xdrmem_create(&xdrs, mymem, MAX_AUTH_BYTES, XDR_ENCODE); 145 if (! xdr_authunix_parms(&xdrs, &aup)) 146 abort(); 147 au->au_origcred.oa_length = len = XDR_GETPOS(&xdrs); 148 au->au_origcred.oa_flavor = AUTH_UNIX; 149 #ifdef KERNEL 150 au->au_origcred.oa_base = mem_alloc((u_int) len); 151 #else 152 if ((au->au_origcred.oa_base = mem_alloc((u_int) len)) == NULL) { 153 (void)fprintf(stderr, "authunix_create: out of memory\n"); 154 return (NULL); 155 } 156 #endif 157 bcopy(mymem, au->au_origcred.oa_base, (u_int)len); 158 159 /* 160 * set auth handle to reflect new cred. 161 */ 162 auth->ah_cred = au->au_origcred; 163 marshal_new_auth(auth); 164 return (auth); 165 } 166 167 /* 168 * Returns an auth handle with parameters determined by doing lots of 169 * syscalls. 170 */ 171 AUTH * 172 authunix_create_default() 173 { 174 register int len; 175 char machname[MAX_MACHINE_NAME + 1]; 176 register int uid; 177 register int gid; 178 int gids[NGRPS]; 179 180 if (gethostname(machname, MAX_MACHINE_NAME) == -1) 181 abort(); 182 machname[MAX_MACHINE_NAME] = 0; 183 uid = geteuid(); 184 gid = getegid(); 185 if ((len = getgroups(NGRPS, gids)) < 0) 186 abort(); 187 return (authunix_create(machname, uid, gid, len, gids)); 188 } 189 190 /* 191 * authunix operations 192 */ 193 194 static void 195 authunix_nextverf(auth) 196 AUTH *auth; 197 { 198 /* no action necessary */ 199 } 200 201 static bool_t 202 authunix_marshal(auth, xdrs) 203 AUTH *auth; 204 XDR *xdrs; 205 { 206 register struct audata *au = AUTH_PRIVATE(auth); 207 208 return (XDR_PUTBYTES(xdrs, au->au_marshed, au->au_mpos)); 209 } 210 211 static bool_t 212 authunix_validate(auth, verf) 213 register AUTH *auth; 214 struct opaque_auth verf; 215 { 216 register struct audata *au; 217 XDR xdrs; 218 219 if (verf.oa_flavor == AUTH_SHORT) { 220 au = AUTH_PRIVATE(auth); 221 xdrmem_create(&xdrs, verf.oa_base, verf.oa_length, XDR_DECODE); 222 223 if (au->au_shcred.oa_base != NULL) { 224 mem_free(au->au_shcred.oa_base, 225 au->au_shcred.oa_length); 226 au->au_shcred.oa_base = NULL; 227 } 228 if (xdr_opaque_auth(&xdrs, &au->au_shcred)) { 229 auth->ah_cred = au->au_shcred; 230 } else { 231 xdrs.x_op = XDR_FREE; 232 (void)xdr_opaque_auth(&xdrs, &au->au_shcred); 233 au->au_shcred.oa_base = NULL; 234 auth->ah_cred = au->au_origcred; 235 } 236 marshal_new_auth(auth); 237 } 238 return (TRUE); 239 } 240 241 static bool_t 242 authunix_refresh(auth) 243 register AUTH *auth; 244 { 245 register struct audata *au = AUTH_PRIVATE(auth); 246 struct authunix_parms aup; 247 struct timeval now; 248 XDR xdrs; 249 register int stat; 250 251 if (auth->ah_cred.oa_base == au->au_origcred.oa_base) { 252 /* there is no hope. Punt */ 253 return (FALSE); 254 } 255 au->au_shfaults ++; 256 257 /* first deserialize the creds back into a struct authunix_parms */ 258 aup.aup_machname = NULL; 259 aup.aup_gids = (int *)NULL; 260 xdrmem_create(&xdrs, au->au_origcred.oa_base, 261 au->au_origcred.oa_length, XDR_DECODE); 262 stat = xdr_authunix_parms(&xdrs, &aup); 263 if (! stat) 264 goto done; 265 266 /* update the time and serialize in place */ 267 (void)gettimeofday(&now, (struct timezone *)0); 268 aup.aup_time = now.tv_sec; 269 xdrs.x_op = XDR_ENCODE; 270 XDR_SETPOS(&xdrs, 0); 271 stat = xdr_authunix_parms(&xdrs, &aup); 272 if (! stat) 273 goto done; 274 auth->ah_cred = au->au_origcred; 275 marshal_new_auth(auth); 276 done: 277 /* free the struct authunix_parms created by deserializing */ 278 xdrs.x_op = XDR_FREE; 279 (void)xdr_authunix_parms(&xdrs, &aup); 280 XDR_DESTROY(&xdrs); 281 return (stat); 282 } 283 284 static void 285 authunix_destroy(auth) 286 register AUTH *auth; 287 { 288 register struct audata *au = AUTH_PRIVATE(auth); 289 290 mem_free(au->au_origcred.oa_base, au->au_origcred.oa_length); 291 292 if (au->au_shcred.oa_base != NULL) 293 mem_free(au->au_shcred.oa_base, au->au_shcred.oa_length); 294 295 mem_free(auth->ah_private, sizeof(struct audata)); 296 297 if (auth->ah_verf.oa_base != NULL) 298 mem_free(auth->ah_verf.oa_base, auth->ah_verf.oa_length); 299 300 mem_free((caddr_t)auth, sizeof(*auth)); 301 } 302 303 /* 304 * Marshals (pre-serializes) an auth struct. 305 * sets private data, au_marshed and au_mpos 306 */ 307 static bool_t 308 marshal_new_auth(auth) 309 register AUTH *auth; 310 { 311 XDR xdr_stream; 312 register XDR *xdrs = &xdr_stream; 313 register struct audata *au = AUTH_PRIVATE(auth); 314 315 xdrmem_create(xdrs, au->au_marshed, MAX_AUTH_BYTES, XDR_ENCODE); 316 if ((! xdr_opaque_auth(xdrs, &(auth->ah_cred))) || 317 (! xdr_opaque_auth(xdrs, &(auth->ah_verf)))) { 318 perror("auth_none.c - Fatal marshalling problem"); 319 } else { 320 au->au_mpos = XDR_GETPOS(xdrs); 321 } 322 XDR_DESTROY(xdrs); 323 } 324
Indexes created Thu Sep 25 08:09:54 GMT 2025