auth_unix.c revision 180025
1177633Sdfr/* $NetBSD: auth_unix.c,v 1.18 2000/07/06 03:03:30 christos Exp $ */ 2177633Sdfr 3177633Sdfr/* 4177633Sdfr * Sun RPC is a product of Sun Microsystems, Inc. and is provided for 5177633Sdfr * unrestricted use provided that this legend is included on all tape 6177633Sdfr * media and as a part of the software program in whole or part. Users 7177633Sdfr * may copy or modify Sun RPC without charge, but are not authorized 8177633Sdfr * to license or distribute it to anyone else except as part of a product or 9177633Sdfr * program developed by the user. 10177633Sdfr * 11177633Sdfr * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE 12177633Sdfr * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR 13177633Sdfr * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. 14177633Sdfr * 15177633Sdfr * Sun RPC is provided with no support and without any obligation on the 16177633Sdfr * part of Sun Microsystems, Inc. to assist in its use, correction, 17177633Sdfr * modification or enhancement. 18177633Sdfr * 19177633Sdfr * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE 20177633Sdfr * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC 21177633Sdfr * OR ANY PART THEREOF. 22177633Sdfr * 23177633Sdfr * In no event will Sun Microsystems, Inc. be liable for any lost revenue 24177633Sdfr * or profits or other special, indirect and consequential damages, even if 25177633Sdfr * Sun has been advised of the possibility of such damages. 26177633Sdfr * 27177633Sdfr * Sun Microsystems, Inc. 28177633Sdfr * 2550 Garcia Avenue 29177633Sdfr * Mountain View, California 94043 30177633Sdfr */ 31177633Sdfr 32177633Sdfr#if defined(LIBC_SCCS) && !defined(lint) 33177633Sdfrstatic char *sccsid2 = "@(#)auth_unix.c 1.19 87/08/11 Copyr 1984 Sun Micro"; 34177633Sdfrstatic char *sccsid = "@(#)auth_unix.c 2.2 88/08/01 4.0 RPCSRC"; 35177633Sdfr#endif 36177633Sdfr#include <sys/cdefs.h> 37177633Sdfr__FBSDID("$FreeBSD: head/sys/rpc/auth_unix.c 180025 2008-06-26 10:21:54Z dfr $"); 38177633Sdfr 39177633Sdfr/* 40177633Sdfr * auth_unix.c, Implements UNIX style authentication parameters. 41177633Sdfr * 42177633Sdfr * Copyright (C) 1984, Sun Microsystems, Inc. 43177633Sdfr * 44177633Sdfr * The system is very weak. The client uses no encryption for it's 45177633Sdfr * credentials and only sends null verifiers. The server sends backs 46177633Sdfr * null verifiers or optionally a verifier that suggests a new short hand 47177633Sdfr * for the credentials. 48177633Sdfr * 49177633Sdfr */ 50177633Sdfr 51177633Sdfr#include <sys/param.h> 52177633Sdfr#include <sys/systm.h> 53180025Sdfr#include <sys/hash.h> 54180025Sdfr#include <sys/kernel.h> 55177633Sdfr#include <sys/lock.h> 56177633Sdfr#include <sys/malloc.h> 57180025Sdfr#include <sys/sx.h> 58177633Sdfr#include <sys/ucred.h> 59177633Sdfr 60177633Sdfr#include <rpc/types.h> 61177633Sdfr#include <rpc/xdr.h> 62177633Sdfr#include <rpc/auth.h> 63177633Sdfr 64177685Sdfr#include <rpc/rpc_com.h> 65177633Sdfr 66177633Sdfr/* auth_unix.c */ 67177633Sdfrstatic void authunix_nextverf (AUTH *); 68177633Sdfrstatic bool_t authunix_marshal (AUTH *, XDR *); 69177633Sdfrstatic bool_t authunix_validate (AUTH *, struct opaque_auth *); 70177633Sdfrstatic bool_t authunix_refresh (AUTH *, void *); 71177633Sdfrstatic void authunix_destroy (AUTH *); 72177633Sdfrstatic void marshal_new_auth (AUTH *); 73177633Sdfr 74177633Sdfrstatic struct auth_ops authunix_ops = { 75177633Sdfr .ah_nextverf = authunix_nextverf, 76177633Sdfr .ah_marshal = authunix_marshal, 77177633Sdfr .ah_validate = authunix_validate, 78177633Sdfr .ah_refresh = authunix_refresh, 79177633Sdfr .ah_destroy = authunix_destroy 80177633Sdfr}; 81177633Sdfr 82177633Sdfr/* 83177633Sdfr * This struct is pointed to by the ah_private field of an auth_handle. 84177633Sdfr */ 85177633Sdfrstruct audata { 86180025Sdfr TAILQ_ENTRY(audata) au_link; 87180025Sdfr TAILQ_ENTRY(audata) au_alllink; 88180025Sdfr int au_refs; 89180025Sdfr struct xucred au_xcred; 90177633Sdfr struct opaque_auth au_origcred; /* original credentials */ 91177633Sdfr struct opaque_auth au_shcred; /* short hand cred */ 92177633Sdfr u_long au_shfaults; /* short hand cache faults */ 93177633Sdfr char au_marshed[MAX_AUTH_BYTES]; 94177633Sdfr u_int au_mpos; /* xdr pos at end of marshed */ 95180025Sdfr AUTH *au_auth; /* link back to AUTH */ 96177633Sdfr}; 97180025SdfrTAILQ_HEAD(audata_list, audata); 98177633Sdfr#define AUTH_PRIVATE(auth) ((struct audata *)auth->ah_private) 99177633Sdfr 100180025Sdfr#define AUTH_UNIX_HASH_SIZE 16 101180025Sdfr#define AUTH_UNIX_MAX 256 102180025Sdfrstatic struct audata_list auth_unix_cache[AUTH_UNIX_HASH_SIZE]; 103180025Sdfrstatic struct audata_list auth_unix_all; 104180025Sdfrstatic struct sx auth_unix_lock; 105180025Sdfrstatic int auth_unix_count; 106180025Sdfr 107180025Sdfrstatic void 108180025Sdfrauthunix_init(void *dummy) 109180025Sdfr{ 110180025Sdfr int i; 111180025Sdfr 112180025Sdfr for (i = 0; i < AUTH_UNIX_HASH_SIZE; i++) 113180025Sdfr TAILQ_INIT(&auth_unix_cache[i]); 114180025Sdfr TAILQ_INIT(&auth_unix_all); 115180025Sdfr sx_init(&auth_unix_lock, "auth_unix_lock"); 116180025Sdfr} 117180025SdfrSYSINIT(authunix_init, SI_SUB_KMEM, SI_ORDER_ANY, authunix_init, NULL); 118180025Sdfr 119177633Sdfr/* 120177633Sdfr * Create a unix style authenticator. 121177633Sdfr * Returns an auth handle with the given stuff in it. 122177633Sdfr */ 123177633SdfrAUTH * 124177633Sdfrauthunix_create(struct ucred *cred) 125177633Sdfr{ 126180025Sdfr uint32_t h, th; 127177633Sdfr struct xucred xcr; 128177633Sdfr char mymem[MAX_AUTH_BYTES]; 129177633Sdfr XDR xdrs; 130177633Sdfr AUTH *auth; 131180025Sdfr struct audata *au, *tau; 132177633Sdfr struct timeval now; 133177633Sdfr uint32_t time; 134177633Sdfr int len; 135177633Sdfr 136180025Sdfr if (auth_unix_count > AUTH_UNIX_MAX) { 137180025Sdfr while (auth_unix_count > AUTH_UNIX_MAX) { 138180025Sdfr sx_xlock(&auth_unix_lock); 139180025Sdfr tau = TAILQ_FIRST(&auth_unix_all); 140180025Sdfr th = HASHSTEP(HASHINIT, tau->au_xcred.cr_uid) 141180025Sdfr % AUTH_UNIX_HASH_SIZE; 142180025Sdfr TAILQ_REMOVE(&auth_unix_cache[th], tau, au_link); 143180025Sdfr TAILQ_REMOVE(&auth_unix_all, tau, au_alllink); 144180025Sdfr auth_unix_count--; 145180025Sdfr sx_xunlock(&auth_unix_lock); 146180025Sdfr AUTH_DESTROY(tau->au_auth); 147180025Sdfr } 148180025Sdfr } 149180025Sdfr 150177633Sdfr /* 151180025Sdfr * Hash the uid to see if we already have an AUTH with this cred. 152180025Sdfr */ 153180025Sdfr h = HASHSTEP(HASHINIT, cred->cr_uid) % AUTH_UNIX_HASH_SIZE; 154180025Sdfr cru2x(cred, &xcr); 155180025Sdfragain: 156180025Sdfr sx_slock(&auth_unix_lock); 157180025Sdfr TAILQ_FOREACH(au, &auth_unix_cache[h], au_link) { 158180025Sdfr if (!memcmp(&xcr, &au->au_xcred, sizeof(xcr))) { 159180025Sdfr if (sx_try_upgrade(&auth_unix_lock)) { 160180025Sdfr /* 161180025Sdfr * Keep auth_unix_all LRU sorted. 162180025Sdfr */ 163180025Sdfr TAILQ_REMOVE(&auth_unix_all, au, au_alllink); 164180025Sdfr TAILQ_INSERT_TAIL(&auth_unix_all, au, 165180025Sdfr au_alllink); 166180025Sdfr au->au_refs++; 167180025Sdfr sx_xunlock(&auth_unix_lock); 168180025Sdfr return (au->au_auth); 169180025Sdfr } else { 170180025Sdfr sx_sunlock(&auth_unix_lock); 171180025Sdfr goto again; 172180025Sdfr } 173180025Sdfr } 174180025Sdfr } 175180025Sdfr 176180025Sdfr /* 177177633Sdfr * Allocate and set up auth handle 178177633Sdfr */ 179177633Sdfr au = NULL; 180177633Sdfr auth = mem_alloc(sizeof(*auth)); 181177633Sdfr au = mem_alloc(sizeof(*au)); 182177633Sdfr auth->ah_ops = &authunix_ops; 183177633Sdfr auth->ah_private = (caddr_t)au; 184177633Sdfr auth->ah_verf = au->au_shcred = _null_auth; 185180025Sdfr au->au_refs = 1; 186180025Sdfr au->au_xcred = xcr; 187177633Sdfr au->au_shfaults = 0; 188177633Sdfr au->au_origcred.oa_base = NULL; 189180025Sdfr au->au_auth = auth; 190177633Sdfr 191177633Sdfr getmicrotime(&now); 192177633Sdfr time = now.tv_sec; 193177633Sdfr 194177633Sdfr /* 195177633Sdfr * Serialize the parameters into origcred 196177633Sdfr */ 197177633Sdfr xdrmem_create(&xdrs, mymem, MAX_AUTH_BYTES, XDR_ENCODE); 198177633Sdfr cru2x(cred, &xcr); 199177633Sdfr if (! xdr_authunix_parms(&xdrs, &time, &xcr)) 200177633Sdfr panic("authunix_create: failed to encode creds"); 201177633Sdfr au->au_origcred.oa_length = len = XDR_GETPOS(&xdrs); 202177633Sdfr au->au_origcred.oa_flavor = AUTH_UNIX; 203177633Sdfr au->au_origcred.oa_base = mem_alloc((u_int) len); 204177633Sdfr memcpy(au->au_origcred.oa_base, mymem, (size_t)len); 205177633Sdfr 206177633Sdfr /* 207177633Sdfr * set auth handle to reflect new cred. 208177633Sdfr */ 209177633Sdfr auth->ah_cred = au->au_origcred; 210177633Sdfr marshal_new_auth(auth); 211180025Sdfr 212180025Sdfr if (sx_try_upgrade(&auth_unix_lock)) { 213180025Sdfr auth_unix_count++; 214180025Sdfr TAILQ_INSERT_TAIL(&auth_unix_cache[h], au, au_link); 215180025Sdfr TAILQ_INSERT_TAIL(&auth_unix_all, au, au_alllink); 216180025Sdfr au->au_refs++; /* one for the cache, one for user */ 217180025Sdfr sx_xunlock(&auth_unix_lock); 218180025Sdfr return (auth); 219180025Sdfr } else { 220180025Sdfr sx_sunlock(&auth_unix_lock); 221180025Sdfr AUTH_DESTROY(auth); 222180025Sdfr goto again; 223177633Sdfr } 224177633Sdfr} 225177633Sdfr 226177633Sdfr/* 227177633Sdfr * authunix operations 228177633Sdfr */ 229177633Sdfr 230177633Sdfr/* ARGSUSED */ 231177633Sdfrstatic void 232177633Sdfrauthunix_nextverf(AUTH *auth) 233177633Sdfr{ 234177633Sdfr /* no action necessary */ 235177633Sdfr} 236177633Sdfr 237177633Sdfrstatic bool_t 238177633Sdfrauthunix_marshal(AUTH *auth, XDR *xdrs) 239177633Sdfr{ 240177633Sdfr struct audata *au; 241177633Sdfr 242177633Sdfr au = AUTH_PRIVATE(auth); 243177633Sdfr return (XDR_PUTBYTES(xdrs, au->au_marshed, au->au_mpos)); 244177633Sdfr} 245177633Sdfr 246177633Sdfrstatic bool_t 247177633Sdfrauthunix_validate(AUTH *auth, struct opaque_auth *verf) 248177633Sdfr{ 249177633Sdfr struct audata *au; 250177633Sdfr XDR xdrs; 251177633Sdfr 252177633Sdfr if (verf->oa_flavor == AUTH_SHORT) { 253177633Sdfr au = AUTH_PRIVATE(auth); 254177633Sdfr xdrmem_create(&xdrs, verf->oa_base, verf->oa_length, 255177633Sdfr XDR_DECODE); 256177633Sdfr 257177633Sdfr if (au->au_shcred.oa_base != NULL) { 258177633Sdfr mem_free(au->au_shcred.oa_base, 259177633Sdfr au->au_shcred.oa_length); 260177633Sdfr au->au_shcred.oa_base = NULL; 261177633Sdfr } 262177633Sdfr if (xdr_opaque_auth(&xdrs, &au->au_shcred)) { 263177633Sdfr auth->ah_cred = au->au_shcred; 264177633Sdfr } else { 265177633Sdfr xdrs.x_op = XDR_FREE; 266177633Sdfr (void)xdr_opaque_auth(&xdrs, &au->au_shcred); 267177633Sdfr au->au_shcred.oa_base = NULL; 268177633Sdfr auth->ah_cred = au->au_origcred; 269177633Sdfr } 270177633Sdfr marshal_new_auth(auth); 271177633Sdfr } 272177633Sdfr return (TRUE); 273177633Sdfr} 274177633Sdfr 275177633Sdfrstatic bool_t 276177633Sdfrauthunix_refresh(AUTH *auth, void *dummy) 277177633Sdfr{ 278177633Sdfr struct audata *au = AUTH_PRIVATE(auth); 279177633Sdfr struct xucred xcr; 280177633Sdfr uint32_t time; 281177633Sdfr struct timeval now; 282177633Sdfr XDR xdrs; 283177633Sdfr int stat; 284177633Sdfr 285177633Sdfr if (auth->ah_cred.oa_base == au->au_origcred.oa_base) { 286177633Sdfr /* there is no hope. Punt */ 287177633Sdfr return (FALSE); 288177633Sdfr } 289177633Sdfr au->au_shfaults ++; 290177633Sdfr 291177633Sdfr /* first deserialize the creds back into a struct ucred */ 292177633Sdfr xdrmem_create(&xdrs, au->au_origcred.oa_base, 293177633Sdfr au->au_origcred.oa_length, XDR_DECODE); 294177633Sdfr stat = xdr_authunix_parms(&xdrs, &time, &xcr); 295177633Sdfr if (! stat) 296177633Sdfr goto done; 297177633Sdfr 298177633Sdfr /* update the time and serialize in place */ 299177633Sdfr getmicrotime(&now); 300177633Sdfr time = now.tv_sec; 301177633Sdfr xdrs.x_op = XDR_ENCODE; 302177633Sdfr XDR_SETPOS(&xdrs, 0); 303177633Sdfr 304177633Sdfr stat = xdr_authunix_parms(&xdrs, &time, &xcr); 305177633Sdfr if (! stat) 306177633Sdfr goto done; 307177633Sdfr auth->ah_cred = au->au_origcred; 308177633Sdfr marshal_new_auth(auth); 309177633Sdfrdone: 310177633Sdfr XDR_DESTROY(&xdrs); 311177633Sdfr return (stat); 312177633Sdfr} 313177633Sdfr 314177633Sdfrstatic void 315177633Sdfrauthunix_destroy(AUTH *auth) 316177633Sdfr{ 317177633Sdfr struct audata *au; 318180025Sdfr int refs; 319177633Sdfr 320177633Sdfr au = AUTH_PRIVATE(auth); 321180025Sdfr 322180025Sdfr sx_xlock(&auth_unix_lock); 323180025Sdfr au->au_refs--; 324180025Sdfr refs = au->au_refs; 325180025Sdfr sx_xunlock(&auth_unix_lock); 326180025Sdfr 327180025Sdfr if (refs > 0) 328180025Sdfr return; 329180025Sdfr 330177633Sdfr mem_free(au->au_origcred.oa_base, au->au_origcred.oa_length); 331177633Sdfr 332177633Sdfr if (au->au_shcred.oa_base != NULL) 333177633Sdfr mem_free(au->au_shcred.oa_base, au->au_shcred.oa_length); 334177633Sdfr 335177633Sdfr mem_free(auth->ah_private, sizeof(struct audata)); 336177633Sdfr 337177633Sdfr if (auth->ah_verf.oa_base != NULL) 338177633Sdfr mem_free(auth->ah_verf.oa_base, auth->ah_verf.oa_length); 339177633Sdfr 340177633Sdfr mem_free(auth, sizeof(*auth)); 341177633Sdfr} 342177633Sdfr 343177633Sdfr/* 344177633Sdfr * Marshals (pre-serializes) an auth struct. 345177633Sdfr * sets private data, au_marshed and au_mpos 346177633Sdfr */ 347177633Sdfrstatic void 348177633Sdfrmarshal_new_auth(AUTH *auth) 349177633Sdfr{ 350177633Sdfr XDR xdr_stream; 351177633Sdfr XDR *xdrs = &xdr_stream; 352177633Sdfr struct audata *au; 353177633Sdfr 354177633Sdfr au = AUTH_PRIVATE(auth); 355177633Sdfr xdrmem_create(xdrs, au->au_marshed, MAX_AUTH_BYTES, XDR_ENCODE); 356177633Sdfr if ((! xdr_opaque_auth(xdrs, &(auth->ah_cred))) || 357177633Sdfr (! xdr_opaque_auth(xdrs, &(auth->ah_verf)))) 358177633Sdfr printf("auth_none.c - Fatal marshalling problem"); 359177633Sdfr else 360177633Sdfr au->au_mpos = XDR_GETPOS(xdrs); 361177633Sdfr XDR_DESTROY(xdrs); 362177633Sdfr} 363