11901Swollman/* 21901Swollman * Sun RPC is a product of Sun Microsystems, Inc. and is provided for 31901Swollman * unrestricted use provided that this legend is included on all tape 41901Swollman * media and as a part of the software program in whole or part. Users 51901Swollman * may copy or modify Sun RPC without charge, but are not authorized 61901Swollman * to license or distribute it to anyone else except as part of a product or 71901Swollman * program developed by the user. 88870Srgrimes * 91901Swollman * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE 101901Swollman * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR 111901Swollman * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. 128870Srgrimes * 131901Swollman * Sun RPC is provided with no support and without any obligation on the 141901Swollman * part of Sun Microsystems, Inc. to assist in its use, correction, 151901Swollman * modification or enhancement. 168870Srgrimes * 171901Swollman * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE 181901Swollman * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC 191901Swollman * OR ANY PART THEREOF. 208870Srgrimes * 211901Swollman * In no event will Sun Microsystems, Inc. be liable for any lost revenue 221901Swollman * or profits or other special, indirect and consequential damages, even if 231901Swollman * Sun has been advised of the possibility of such damages. 248870Srgrimes * 251901Swollman * Sun Microsystems, Inc. 261901Swollman * 2550 Garcia Avenue 271901Swollman * Mountain View, California 94043 281901Swollman */ 291901Swollman 301901Swollman#if defined(LIBC_SCCS) && !defined(lint) 31136581Sobrienstatic char *sccsid2 = "@(#)svc_auth_unix.c 1.28 88/02/08 Copyr 1984 Sun Micro"; 3274462Salfredstatic char *sccsid = "@(#)svc_auth_unix.c 2.3 88/08/01 4.0 RPCSRC"; 331901Swollman#endif 3492990Sobrien#include <sys/cdefs.h> 3592990Sobrien__FBSDID("$FreeBSD$"); 361901Swollman 371901Swollman/* 381901Swollman * svc_auth_unix.c 391901Swollman * Handles UNIX flavor authentication parameters on the service side of rpc. 401901Swollman * There are two svc auth implementations here: AUTH_UNIX and AUTH_SHORT. 411901Swollman * _svcauth_unix does full blown unix style uid,gid+gids auth, 421901Swollman * _svcauth_short uses a shorthand auth to index into a cache of longhand auths. 431901Swollman * Note: the shorthand has been gutted for efficiency. 441901Swollman * 451901Swollman * Copyright (C) 1984, Sun Microsystems, Inc. 461901Swollman */ 471901Swollman 4874462Salfred#include "namespace.h" 4974462Salfred#include <assert.h> 501901Swollman#include <stdio.h> 5111666Sphk#include <string.h> 5274462Salfred 531901Swollman#include <rpc/rpc.h> 5474462Salfred#include "un-namespace.h" 551901Swollman 561901Swollman/* 571901Swollman * Unix longhand authenticator 581901Swollman */ 591901Swollmanenum auth_stat 601901Swollman_svcauth_unix(rqst, msg) 6174462Salfred struct svc_req *rqst; 6274462Salfred struct rpc_msg *msg; 631901Swollman{ 6474462Salfred enum auth_stat stat; 651901Swollman XDR xdrs; 6674462Salfred struct authunix_parms *aup; 6774462Salfred int32_t *buf; 681901Swollman struct area { 691901Swollman struct authunix_parms area_aup; 701901Swollman char area_machname[MAX_MACHINE_NAME+1]; 71241181Spfg u_int area_gids[NGRPS]; 721901Swollman } *area; 731901Swollman u_int auth_len; 7474462Salfred size_t str_len, gid_len; 7574462Salfred u_int i; 761901Swollman 7774462Salfred assert(rqst != NULL); 7874462Salfred assert(msg != NULL); 7974462Salfred 801901Swollman area = (struct area *) rqst->rq_clntcred; 811901Swollman aup = &area->area_aup; 821901Swollman aup->aup_machname = area->area_machname; 831901Swollman aup->aup_gids = area->area_gids; 841901Swollman auth_len = (u_int)msg->rm_call.cb_cred.oa_length; 851901Swollman xdrmem_create(&xdrs, msg->rm_call.cb_cred.oa_base, auth_len,XDR_DECODE); 861901Swollman buf = XDR_INLINE(&xdrs, auth_len); 871901Swollman if (buf != NULL) { 8874462Salfred aup->aup_time = IXDR_GET_INT32(buf); 8974462Salfred str_len = (size_t)IXDR_GET_U_INT32(buf); 901901Swollman if (str_len > MAX_MACHINE_NAME) { 911901Swollman stat = AUTH_BADCRED; 921901Swollman goto done; 931901Swollman } 9474462Salfred memmove(aup->aup_machname, buf, str_len); 951901Swollman aup->aup_machname[str_len] = 0; 961901Swollman str_len = RNDUP(str_len); 9721088Speter buf += str_len / sizeof (int32_t); 9874462Salfred aup->aup_uid = (int)IXDR_GET_INT32(buf); 9974462Salfred aup->aup_gid = (int)IXDR_GET_INT32(buf); 10074462Salfred gid_len = (size_t)IXDR_GET_U_INT32(buf); 1011901Swollman if (gid_len > NGRPS) { 1021901Swollman stat = AUTH_BADCRED; 1031901Swollman goto done; 1041901Swollman } 1051901Swollman aup->aup_len = gid_len; 1061901Swollman for (i = 0; i < gid_len; i++) { 10774462Salfred aup->aup_gids[i] = (int)IXDR_GET_INT32(buf); 1081901Swollman } 1091901Swollman /* 1101901Swollman * five is the smallest unix credentials structure - 1111901Swollman * timestamp, hostname len (0), uid, gid, and gids len (0). 1121901Swollman */ 1131901Swollman if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len) { 11474462Salfred (void) printf("bad auth_len gid %ld str %ld auth %u\n", 11574462Salfred (long)gid_len, (long)str_len, auth_len); 1161901Swollman stat = AUTH_BADCRED; 1171901Swollman goto done; 1181901Swollman } 1191901Swollman } else if (! xdr_authunix_parms(&xdrs, aup)) { 1201901Swollman xdrs.x_op = XDR_FREE; 1211901Swollman (void)xdr_authunix_parms(&xdrs, aup); 1221901Swollman stat = AUTH_BADCRED; 1231901Swollman goto done; 1241901Swollman } 12526221Swpaul 12674462Salfred /* get the verifier */ 12726221Swpaul if ((u_int)msg->rm_call.cb_verf.oa_length) { 12874462Salfred rqst->rq_xprt->xp_verf.oa_flavor = 12926221Swpaul msg->rm_call.cb_verf.oa_flavor; 13074462Salfred rqst->rq_xprt->xp_verf.oa_base = 13126221Swpaul msg->rm_call.cb_verf.oa_base; 13274462Salfred rqst->rq_xprt->xp_verf.oa_length = 13326221Swpaul msg->rm_call.cb_verf.oa_length; 13426221Swpaul } else { 13526221Swpaul rqst->rq_xprt->xp_verf.oa_flavor = AUTH_NULL; 13626221Swpaul rqst->rq_xprt->xp_verf.oa_length = 0; 13726221Swpaul } 1381901Swollman stat = AUTH_OK; 1391901Swollmandone: 1401901Swollman XDR_DESTROY(&xdrs); 1411901Swollman return (stat); 1421901Swollman} 1431901Swollman 1441901Swollman 1451901Swollman/* 1461901Swollman * Shorthand unix authenticator 1471901Swollman * Looks up longhand in a cache. 1481901Swollman */ 1491901Swollman/*ARGSUSED*/ 15074462Salfredenum auth_stat 1511901Swollman_svcauth_short(rqst, msg) 1521901Swollman struct svc_req *rqst; 1531901Swollman struct rpc_msg *msg; 1541901Swollman{ 1551901Swollman return (AUTH_REJECTEDCRED); 1561901Swollman} 157