/*
 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
 * unrestricted use provided that this legend is included on all tape
 * media and as a part of the software program in whole or part.  Users
 * may copy or modify Sun RPC without charge, but are not authorized
 * to license or distribute it to anyone else except as part of a product or
 * program developed by the user.
 *
 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
 *
 * Sun RPC is provided with no support and without any obligation on the
 * part of Sun Microsystems, Inc. to assist in its use, correction,
 * modification or enhancement.
 *
 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
 * OR ANY PART THEREOF.
 *
 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
 * or profits or other special, indirect and consequential damages, even if
 * Sun has been advised of the possibility of such damages.
 *
 * Sun Microsystems, Inc.
 * 2550 Garcia Avenue
 * Mountain View, California  94043
 */
291901Swollman
301901Swollman#if defined(LIBC_SCCS) && !defined(lint)
31136581Sobrienstatic char *sccsid2 = "@(#)svc_auth_unix.c 1.28 88/02/08 Copyr 1984 Sun Micro";
3274462Salfredstatic char *sccsid = "@(#)svc_auth_unix.c	2.3 88/08/01 4.0 RPCSRC";
331901Swollman#endif
3492990Sobrien#include <sys/cdefs.h>
3592990Sobrien__FBSDID("$FreeBSD$");
361901Swollman
/*
 * svc_auth_unix.c
 * Handles UNIX flavor authentication parameters on the service side of rpc.
 * There are two svc auth implementations here: AUTH_UNIX and AUTH_SHORT.
 * _svcauth_unix does full blown unix style uid,gid+gids auth,
 * _svcauth_short uses a shorthand auth to index into a cache of longhand auths.
 * Note: the shorthand has been gutted for efficiency.
 *
 * Copyright (C) 1984, Sun Microsystems, Inc.
 */
471901Swollman
4874462Salfred#include "namespace.h"
4974462Salfred#include <assert.h>
501901Swollman#include <stdio.h>
5111666Sphk#include <string.h>
5274462Salfred
531901Swollman#include <rpc/rpc.h>
5474462Salfred#include "un-namespace.h"
551901Swollman
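/*
 * Unix longhand authenticator.
 *
 * Decodes the AUTH_UNIX credential carried in msg->rm_call.cb_cred into
 * the scratch area at rqst->rq_clntcred, then hands the call's verifier
 * to the transport.  The credential body comes from the RPC call message,
 * so each length field is checked against oa_length before the bytes it
 * describes are read.
 *
 * Returns AUTH_OK when the credential decodes and AUTH_BADCRED when it is
 * malformed.  The uid, gid and gids stored in the result are whatever the
 * message carried; this function does not verify them.
 */
enum auth_stat
_svcauth_unix(rqst, msg)
	struct svc_req *rqst;
	struct rpc_msg *msg;
{
	enum auth_stat stat;
	XDR xdrs;
	struct authunix_parms *aup;
	int32_t *buf;
	struct area {
		struct authunix_parms area_aup;
		char area_machname[MAX_MACHINE_NAME+1];
		u_int area_gids[NGRPS];
	} *area;
	u_int auth_len;
	/* Zero means "not decoded yet" when the length diagnostic is printed. */
	size_t str_len = 0, gid_len = 0;
	size_t avail;
	u_int i;

	assert(rqst != NULL);
	assert(msg != NULL);

	/*
	 * NOTE(review): assumes rq_clntcred points at storage of at least
	 * sizeof(struct area) bytes -- confirm with the code that allocates it.
	 */
	area = (struct area *) rqst->rq_clntcred;
	aup = &area->area_aup;
	aup->aup_machname = area->area_machname;
	aup->aup_gids = area->area_gids;
	auth_len = (u_int)msg->rm_call.cb_cred.oa_length;
	xdrmem_create(&xdrs, msg->rm_call.cb_cred.oa_base, auth_len,XDR_DECODE);
	buf = XDR_INLINE(&xdrs, auth_len);
	if (buf != NULL) {
		/*
		 * five is the smallest unix credentials structure -
		 * timestamp, hostname len (0), uid, gid, and gids len (0).
		 * Reject anything shorter before touching the buffer; the
		 * inline pointer only guarantees auth_len readable bytes.
		 */
		if (auth_len < 5 * BYTES_PER_XDR_UNIT)
			goto bad_len;
		/* Bytes left for the two variable-length parts. */
		avail = auth_len - 5 * BYTES_PER_XDR_UNIT;

		aup->aup_time = IXDR_GET_INT32(buf);
		str_len = (size_t)IXDR_GET_U_INT32(buf);
		if (str_len > MAX_MACHINE_NAME) {
			stat = AUTH_BADCRED;
			goto done;
		}
		/* The padded machine name must fit in what the message holds. */
		if (RNDUP(str_len) > avail)
			goto bad_len;
		memmove(aup->aup_machname, buf, str_len);
		aup->aup_machname[str_len] = 0;
		str_len = RNDUP(str_len);
		avail -= str_len;
		buf += str_len / sizeof (int32_t);
		aup->aup_uid = (int)IXDR_GET_INT32(buf);
		aup->aup_gid = (int)IXDR_GET_INT32(buf);
		gid_len = (size_t)IXDR_GET_U_INT32(buf);
		if (gid_len > NGRPS) {
			stat = AUTH_BADCRED;
			goto done;
		}
		/* gid_len <= NGRPS here, so the product cannot overflow. */
		if (gid_len * BYTES_PER_XDR_UNIT > avail)
			goto bad_len;
		aup->aup_len = gid_len;
		for (i = 0; i < gid_len; i++) {
			aup->aup_gids[i] = (int)IXDR_GET_INT32(buf);
		}
	} else if (! xdr_authunix_parms(&xdrs, aup)) {
		/*
		 * No inline buffer was available, so the generic decoder ran
		 * and failed.
		 * NOTE(review): the XDR_FREE pass below operates on an aup
		 * whose aup_machname and aup_gids point into the caller's
		 * area rather than at separately allocated memory -- confirm
		 * xdr_authunix_parms does not try to release them.
		 */
		xdrs.x_op = XDR_FREE;
		(void)xdr_authunix_parms(&xdrs, aup);
		stat = AUTH_BADCRED;
		goto done;
	}

	/*
	 * get the verifier: the transport's copy aliases the message's
	 * oa_base buffer, no bytes are duplicated here.
	 */
	if ((u_int)msg->rm_call.cb_verf.oa_length) {
		rqst->rq_xprt->xp_verf.oa_flavor =
			msg->rm_call.cb_verf.oa_flavor;
		rqst->rq_xprt->xp_verf.oa_base =
			msg->rm_call.cb_verf.oa_base;
		rqst->rq_xprt->xp_verf.oa_length =
			msg->rm_call.cb_verf.oa_length;
	} else {
		rqst->rq_xprt->xp_verf.oa_flavor = AUTH_NULL;
		rqst->rq_xprt->xp_verf.oa_length = 0;
	}
	stat = AUTH_OK;
	goto done;

bad_len:
	/*
	 * The lengths claimed inside the credential do not fit in oa_length.
	 * NOTE(review): this writes to stdout for every such credential;
	 * consider whether a library should report it that way.
	 */
	(void) printf("bad auth_len gid %ld str %ld auth %u\n",
	    (long)gid_len, (long)str_len, auth_len);
	stat = AUTH_BADCRED;
done:
	XDR_DESTROY(&xdrs);
	return (stat);
}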
1431901Swollman
1441901Swollman
/*
 * Shorthand unix authenticator.
 *
 * No cache lookup is performed: every AUTH_SHORT credential is refused
 * with AUTH_REJECTEDCRED, whatever the request or message contains.
 */
/*ARGSUSED*/
enum auth_stat
_svcauth_short(rqst, msg)
	struct svc_req *rqst;
	struct rpc_msg *msg;
{
	enum auth_stat verdict = AUTH_REJECTEDCRED;

	return (verdict);
}