svc_auth.c revision 1901
1231200Smm/* 2238856Smm * Sun RPC is a product of Sun Microsystems, Inc. and is provided for 3231200Smm * unrestricted use provided that this legend is included on all tape 4231200Smm * media and as a part of the software program in whole or part. Users 5231200Smm * may copy or modify Sun RPC without charge, but are not authorized 6231200Smm * to license or distribute it to anyone else except as part of a product or 7231200Smm * program developed by the user. 8231200Smm * 9231200Smm * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE 10231200Smm * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR 11231200Smm * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. 12231200Smm * 13231200Smm * Sun RPC is provided with no support and without any obligation on the 14231200Smm * part of Sun Microsystems, Inc. to assist in its use, correction, 15231200Smm * modification or enhancement. 16231200Smm * 17231200Smm * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE 18231200Smm * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC 19231200Smm * OR ANY PART THEREOF. 20231200Smm * 21231200Smm * In no event will Sun Microsystems, Inc. be liable for any lost revenue 22231200Smm * or profits or other special, indirect and consequential damages, even if 23231200Smm * Sun has been advised of the possibility of such damages. 24231200Smm * 25231200Smm * Sun Microsystems, Inc. 26231200Smm * 2550 Garcia Avenue 27231200Smm * Mountain View, California 94043 28231200Smm */ 29231200Smm 30231200Smm#if defined(LIBC_SCCS) && !defined(lint) 31231200Smm/*static char *sccsid = "from: @(#)svc_auth.c 1.19 87/08/11 Copyr 1984 Sun Micro";*/ 32231200Smm/*static char *sccsid = "from: @(#)svc_auth.c 2.1 88/08/07 4.0 RPCSRC";*/ 33231200Smmstatic char *rcsid = "$Id: svc_auth.c,v 1.1 1993/10/27 05:40:56 paul Exp $"; 34231200Smm#endif 35231200Smm 36231200Smm/* 37231200Smm * svc_auth_nodes.c, Server-side rpc authenticator interface, 38231200Smm * *WITHOUT* DES authentication. 39231200Smm * 40231200Smm * Copyright (C) 1984, Sun Microsystems, Inc. 41231200Smm */ 42231200Smm 43231200Smm#include <rpc/rpc.h> 44231200Smm 45231200Smm/* 46231200Smm * svcauthsw is the bdevsw of server side authentication. 47231200Smm * 48231200Smm * Server side authenticators are called from authenticate by 49231200Smm * using the client auth struct flavor field to index into svcauthsw. 50231200Smm * The server auth flavors must implement a routine that looks 51231200Smm * like: 52231200Smm * 53231200Smm * enum auth_stat 54231200Smm * flavorx_auth(rqst, msg) 55231200Smm * register struct svc_req *rqst; 56231200Smm * register struct rpc_msg *msg; 57231200Smm * 58231200Smm */ 59231200Smm 60231200Smmenum auth_stat _svcauth_null(); /* no authentication */ 61231200Smmenum auth_stat _svcauth_unix(); /* unix style (uid, gids) */ 62231200Smmenum auth_stat _svcauth_short(); /* short hand unix style */ 63231200Smm 64231200Smmstatic struct { 65231200Smm enum auth_stat (*authenticator)(); 66231200Smm} svcauthsw[] = { 67231200Smm _svcauth_null, /* AUTH_NULL */ 68231200Smm _svcauth_unix, /* AUTH_UNIX */ 69231200Smm _svcauth_short, /* AUTH_SHORT */ 70231200Smm}; 71231200Smm#define AUTH_MAX 2 /* HIGHEST AUTH NUMBER */ 72231200Smm 73231200Smm 74231200Smm/* 75231200Smm * The call rpc message, msg has been obtained from the wire. The msg contains 76231200Smm * the raw form of credentials and verifiers. authenticate returns AUTH_OK 77231200Smm * if the msg is successfully authenticated. If AUTH_OK then the routine also 78231200Smm * does the following things: 79231200Smm * set rqst->rq_xprt->verf to the appropriate response verifier; 80231200Smm * sets rqst->rq_client_cred to the "cooked" form of the credentials. 81231200Smm * 82231200Smm * NB: rqst->rq_cxprt->verf must be pre-alloctaed; 83231200Smm * its length is set appropriately. 84231200Smm * 85231200Smm * The caller still owns and is responsible for msg->u.cmb.cred and 86231200Smm * msg->u.cmb.verf. The authentication system retains ownership of 87231200Smm * rqst->rq_client_cred, the cooked credentials. 88231200Smm * 89231200Smm * There is an assumption that any flavour less than AUTH_NULL is 90231200Smm * invalid. 91231200Smm */ 92231200Smmenum auth_stat 93231200Smm_authenticate(rqst, msg) 94231200Smm register struct svc_req *rqst; 95231200Smm struct rpc_msg *msg; 96231200Smm{ 97231200Smm register int cred_flavor; 98231200Smm 99231200Smm rqst->rq_cred = msg->rm_call.cb_cred; 100231200Smm rqst->rq_xprt->xp_verf.oa_flavor = _null_auth.oa_flavor; 101231200Smm rqst->rq_xprt->xp_verf.oa_length = 0; 102231200Smm cred_flavor = rqst->rq_cred.oa_flavor; 103231200Smm if ((cred_flavor <= AUTH_MAX) && (cred_flavor >= AUTH_NULL)) { 104231200Smm return ((*(svcauthsw[cred_flavor].authenticator))(rqst, msg)); 105231200Smm } 106231200Smm 107231200Smm return (AUTH_REJECTEDCRED); 108231200Smm} 109231200Smm 110231200Smmenum auth_stat 111231200Smm_svcauth_null(/*rqst, msg*/) 112231200Smm /*struct svc_req *rqst; 113231200Smm struct rpc_msg *msg;*/ 114231200Smm{ 115231200Smm 116231200Smm return (AUTH_OK); 117231200Smm} 118231200Smm