svc_auth.c revision 193650 
1177633Sdfr/*	$NetBSD: svc_auth.c,v 1.12 2000/07/06 03:10:35 christos Exp $	*/
2177633Sdfr
3177633Sdfr/*
4177633Sdfr * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
5177633Sdfr * unrestricted use provided that this legend is included on all tape
6177633Sdfr * media and as a part of the software program in whole or part.  Users
7177633Sdfr * may copy or modify Sun RPC without charge, but are not authorized
8177633Sdfr * to license or distribute it to anyone else except as part of a product or
9177633Sdfr * program developed by the user.
10177633Sdfr *
11177633Sdfr * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
12177633Sdfr * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
13177633Sdfr * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
14177633Sdfr *
15177633Sdfr * Sun RPC is provided with no support and without any obligation on the
16177633Sdfr * part of Sun Microsystems, Inc. to assist in its use, correction,
17177633Sdfr * modification or enhancement.
18177633Sdfr *
19177633Sdfr * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
20177633Sdfr * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
21177633Sdfr * OR ANY PART THEREOF.
22177633Sdfr *
23177633Sdfr * In no event will Sun Microsystems, Inc. be liable for any lost revenue
24177633Sdfr * or profits or other special, indirect and consequential damages, even if
25177633Sdfr * Sun has been advised of the possibility of such damages.
26177633Sdfr *
27177633Sdfr * Sun Microsystems, Inc.
28177633Sdfr * 2550 Garcia Avenue
29177633Sdfr * Mountain View, California  94043
30177633Sdfr */
31177633Sdfr/*
32177633Sdfr * Copyright (c) 1986-1991 by Sun Microsystems Inc.
33177633Sdfr */
34177633Sdfr
35177633Sdfr#if defined(LIBC_SCCS) && !defined(lint)
36177633Sdfr#ident	"@(#)svc_auth.c	1.16	94/04/24 SMI"
37177633Sdfrstatic char sccsid[] = "@(#)svc_auth.c 1.26 89/02/07 Copyr 1984 Sun Micro";
38177633Sdfr#endif
39177633Sdfr#include <sys/cdefs.h>
40177633Sdfr__FBSDID("$FreeBSD: head/sys/rpc/svc_auth.c 193650 2009-06-07 20:51:31Z rwatson $");
41177633Sdfr
42177633Sdfr/*
43177633Sdfr * svc_auth.c, Server-side rpc authenticator interface.
44177633Sdfr *
45177633Sdfr */
46177633Sdfr
47177633Sdfr#include <sys/param.h>
48177633Sdfr#include <sys/lock.h>
49177633Sdfr#include <sys/mutex.h>
50177633Sdfr#include <sys/systm.h>
51193650Srwatson#include <sys/jail.h>
52177633Sdfr#include <sys/ucred.h>
53177633Sdfr
54177633Sdfr#include <rpc/rpc.h>
55177633Sdfr
56184588Sdfrstatic enum auth_stat (*_svcauth_rpcsec_gss)(struct svc_req *,
57184588Sdfr    struct rpc_msg *) = NULL;
58184588Sdfrstatic int (*_svcauth_rpcsec_gss_getcred)(struct svc_req *,
59184588Sdfr    struct ucred **, int *);
60184588Sdfr
61184588Sdfrstatic struct svc_auth_ops svc_auth_null_ops;
62184588Sdfr
63177633Sdfr/*
64177633Sdfr * The call rpc message, msg has been obtained from the wire.  The msg contains
65177633Sdfr * the raw form of credentials and verifiers.  authenticate returns AUTH_OK
66177633Sdfr * if the msg is successfully authenticated.  If AUTH_OK then the routine also
67177633Sdfr * does the following things:
68177633Sdfr * set rqst->rq_xprt->verf to the appropriate response verifier;
69177633Sdfr * sets rqst->rq_client_cred to the "cooked" form of the credentials.
70177633Sdfr *
71177633Sdfr * NB: rqst->rq_cxprt->verf must be pre-alloctaed;
72177633Sdfr * its length is set appropriately.
73177633Sdfr *
74177633Sdfr * The caller still owns and is responsible for msg->u.cmb.cred and
75177633Sdfr * msg->u.cmb.verf.  The authentication system retains ownership of
76177633Sdfr * rqst->rq_client_cred, the cooked credentials.
77177633Sdfr *
78177633Sdfr * There is an assumption that any flavour less than AUTH_NULL is
79177633Sdfr * invalid.
80177633Sdfr */
81177633Sdfrenum auth_stat
82177633Sdfr_authenticate(struct svc_req *rqst, struct rpc_msg *msg)
83177633Sdfr{
84177633Sdfr	int cred_flavor;
85177633Sdfr	enum auth_stat dummy;
86177633Sdfr
87177633Sdfr	rqst->rq_cred = msg->rm_call.cb_cred;
88184588Sdfr	rqst->rq_auth.svc_ah_ops = &svc_auth_null_ops;
89184588Sdfr	rqst->rq_auth.svc_ah_private = NULL;
90177633Sdfr	cred_flavor = rqst->rq_cred.oa_flavor;
91177633Sdfr	switch (cred_flavor) {
92177633Sdfr	case AUTH_NULL:
93177633Sdfr		dummy = _svcauth_null(rqst, msg);
94177633Sdfr		return (dummy);
95177633Sdfr	case AUTH_SYS:
96177633Sdfr		dummy = _svcauth_unix(rqst, msg);
97177633Sdfr		return (dummy);
98177633Sdfr	case AUTH_SHORT:
99177633Sdfr		dummy = _svcauth_short(rqst, msg);
100177633Sdfr		return (dummy);
101184588Sdfr	case RPCSEC_GSS:
102184588Sdfr		if (!_svcauth_rpcsec_gss)
103184588Sdfr			return (AUTH_REJECTEDCRED);
104184588Sdfr		dummy = _svcauth_rpcsec_gss(rqst, msg);
105184588Sdfr		return (dummy);
106177633Sdfr	default:
107177633Sdfr		break;
108177633Sdfr	}
109177633Sdfr
110177633Sdfr	return (AUTH_REJECTEDCRED);
111177633Sdfr}
112177633Sdfr
113184588Sdfr/*
114184588Sdfr * A set of null auth methods used by any authentication protocols
115184588Sdfr * that don't need to inspect or modify the message body.
116184588Sdfr */
117184588Sdfrstatic bool_t
118184588Sdfrsvcauth_null_wrap(SVCAUTH *auth, struct mbuf **mp)
119184588Sdfr{
120184588Sdfr
121184588Sdfr	return (TRUE);
122184588Sdfr}
123184588Sdfr
124184588Sdfrstatic bool_t
125184588Sdfrsvcauth_null_unwrap(SVCAUTH *auth, struct mbuf **mp)
126184588Sdfr{
127184588Sdfr
128184588Sdfr	return (TRUE);
129184588Sdfr}
130184588Sdfr
131184588Sdfrstatic void
132184588Sdfrsvcauth_null_release(SVCAUTH *auth)
133184588Sdfr{
134184588Sdfr
135184588Sdfr}
136184588Sdfr
137184588Sdfrstatic struct svc_auth_ops svc_auth_null_ops = {
138184588Sdfr	svcauth_null_wrap,
139184588Sdfr	svcauth_null_unwrap,
140184588Sdfr	svcauth_null_release,
141184588Sdfr};
142184588Sdfr
143177633Sdfr/*ARGSUSED*/
144177633Sdfrenum auth_stat
145177633Sdfr_svcauth_null(struct svc_req *rqst, struct rpc_msg *msg)
146177633Sdfr{
147184588Sdfr
148184588Sdfr	rqst->rq_verf = _null_auth;
149177633Sdfr	return (AUTH_OK);
150177633Sdfr}
151177633Sdfr
152177633Sdfrint
153184588Sdfrsvc_auth_reg(int flavor,
154184588Sdfr    enum auth_stat (*svcauth)(struct svc_req *, struct rpc_msg *),
155184588Sdfr    int (*getcred)(struct svc_req *, struct ucred **, int *))
156177633Sdfr{
157184588Sdfr
158184588Sdfr	if (flavor == RPCSEC_GSS) {
159184588Sdfr		_svcauth_rpcsec_gss = svcauth;
160184588Sdfr		_svcauth_rpcsec_gss_getcred = getcred;
161184588Sdfr	}
162184588Sdfr	return (TRUE);
163184588Sdfr}
164184588Sdfr
165184588Sdfrint
166184588Sdfrsvc_getcred(struct svc_req *rqst, struct ucred **crp, int *flavorp)
167184588Sdfr{
168184588Sdfr	struct ucred *cr = NULL;
169177633Sdfr	int flavor, i;
170177633Sdfr	struct xucred *xcr;
171177633Sdfr
172177633Sdfr	flavor = rqst->rq_cred.oa_flavor;
173177633Sdfr	if (flavorp)
174177633Sdfr		*flavorp = flavor;
175177633Sdfr
176177633Sdfr	switch (flavor) {
177177633Sdfr	case AUTH_UNIX:
178177633Sdfr		xcr = (struct xucred *) rqst->rq_clntcred;
179184588Sdfr		cr = crget();
180177633Sdfr		cr->cr_uid = cr->cr_ruid = cr->cr_svuid = xcr->cr_uid;
181177633Sdfr		cr->cr_ngroups = xcr->cr_ngroups;
182177633Sdfr		for (i = 0; i < xcr->cr_ngroups; i++)
183177633Sdfr			cr->cr_groups[i] = xcr->cr_groups[i];
184184588Sdfr		cr->cr_rgid = cr->cr_svgid = cr->cr_groups[0];
185193650Srwatson		cr->cr_prison = &prison0;
186193650Srwatson		prison_hold(cr->cr_prison);
187184588Sdfr		*crp = cr;
188177633Sdfr		return (TRUE);
189177633Sdfr
190184588Sdfr	case RPCSEC_GSS:
191184588Sdfr		if (!_svcauth_rpcsec_gss_getcred)
192184588Sdfr			return (FALSE);
193184588Sdfr		return (_svcauth_rpcsec_gss_getcred(rqst, crp, flavorp));
194184588Sdfr
195177633Sdfr	default:
196177633Sdfr		return (FALSE);
197177633Sdfr	}
198177633Sdfr}
199177633Sdfr
200