]>
Commit | Line | Data |
---|---|---|
4a26b4a6 MT |
1 | diff --git a/configure.ac b/configure.ac |
2 | index 97c6f2c..a99c5d6 100644 | |
3 | --- a/configure.ac | |
4 | +++ b/configure.ac | |
5 | @@ -15,6 +15,13 @@ if test x$gss = xtrue; then | |
6 | PKG_CHECK_MODULES(GSSGLUE, libgssglue, [], | |
7 | AC_MSG_ERROR([Unable to locate information required to use libgssglue.])) | |
8 | fi | |
9 | +AC_ARG_ENABLE(ipv6, | |
10 | + [AC_HELP_STRING([--disable-ipv6], [Disable IPv6 support @<:@default=no@:>@])], | |
11 | + [],[enable_ipv6=yes]) | |
12 | +AM_CONDITIONAL(INET6, test "x$disable_ipv6" != xno) | |
13 | +if test "x$enable_ipv6" != xno; then | |
14 | + AC_DEFINE(INET6, 1, [Define to 1 if IPv6 is available]) | |
15 | +fi | |
16 | ||
17 | AC_PROG_CC | |
18 | AM_CONFIG_HEADER(config.h) | |
19 | @@ -23,6 +30,7 @@ AC_HEADER_DIRENT | |
20 | AC_PREFIX_DEFAULT(/usr) | |
21 | AC_CHECK_HEADERS([arpa/inet.h fcntl.h libintl.h limits.h locale.h netdb.h netinet/in.h stddef.h stdint.h stdlib.h string.h sys/ioctl.h sys/param.h sys/socket.h sys/time.h syslog.h unistd.h]) | |
22 | AC_CHECK_LIB([pthread], [pthread_create]) | |
23 | +AC_CHECK_LIB([nsl], [yp_get_default_domain]) | |
24 | ||
25 | ||
26 | AC_CONFIG_FILES([Makefile src/Makefile man/Makefile doc/Makefile]) | |
27 | diff --git a/doc/Makefile.am b/doc/Makefile.am | |
28 | index cc4fa76..58de35b 100644 | |
29 | --- a/doc/Makefile.am | |
30 | +++ b/doc/Makefile.am | |
31 | @@ -1,5 +1,5 @@ | |
32 | ||
33 | install: install-am | |
34 | - $(mkinstalldirs) $(DESTDIR)/etc | |
35 | - cp -p ./etc_netconfig $(DESTDIR)/etc/netconfig | |
36 | - chmod 0644 $(DESTDIR)/etc/netconfig | |
37 | + $(mkinstalldirs) $(DESTDIR)/$(sysconfdir) | |
38 | + cp -p $(srcdir)/etc_netconfig $(DESTDIR)/$(sysconfdir)/netconfig | |
39 | + chmod 0644 $(DESTDIR)/$(sysconfdir)/netconfig | |
40 | diff --git a/src/Makefile.am b/src/Makefile.am | |
41 | index 7ee8cbc..66350f5 100644 | |
42 | --- a/src/Makefile.am | |
43 | +++ b/src/Makefile.am | |
44 | @@ -40,7 +40,7 @@ lib_LTLIBRARIES = libtirpc.la | |
45 | # release number of your package. This is an abuse that only fosters | |
46 | # misunderstanding of the purpose of library versions." | |
47 | # | |
48 | -libtirpc_la_LDFLAGS = -lnsl -lpthread -version-info 1:10:0 | |
49 | +libtirpc_la_LDFLAGS = -lpthread -version-info 1:10:0 | |
50 | ||
51 | libtirpc_la_SOURCES = auth_none.c auth_unix.c authunix_prot.c bindresvport.c clnt_bcast.c \ | |
52 | clnt_dg.c clnt_generic.c clnt_perror.c clnt_raw.c clnt_simple.c \ | |
53 | @@ -48,17 +48,16 @@ libtirpc_la_SOURCES = auth_none.c auth_unix.c authunix_prot.c bindresvport.c cln | |
54 | getrpcport.c mt_misc.c pmap_clnt.c pmap_getmaps.c pmap_getport.c \ | |
55 | pmap_prot.c pmap_prot2.c pmap_rmt.c rpc_prot.c rpc_commondata.c \ | |
56 | rpc_callmsg.c rpc_generic.c rpc_soc.c rpcb_clnt.c rpcb_prot.c \ | |
57 | - rpcb_st_xdr.c svc.c svc_auth.c svc_dg.c svc_auth_unix.c svc_generic.c \ | |
58 | - svc_raw.c svc_run.c svc_simple.c svc_vc.c getpeereid.c \ | |
59 | - auth_time.c auth_des.c authdes_prot.c des_crypt.c | |
60 | + rpcb_st_xdr.c svc.c svc_auth.c svc_dg.c svc_auth_unix.c svc_auth_none.c \ | |
61 | + svc_generic.c svc_raw.c svc_run.c svc_simple.c svc_vc.c getpeereid.c \ | |
62 | + auth_time.c auth_des.c authdes_prot.c | |
63 | ||
64 | ## XDR | |
65 | libtirpc_la_SOURCES += xdr.c xdr_rec.c xdr_array.c xdr_float.c xdr_mem.c xdr_reference.c xdr_stdio.c | |
66 | ||
67 | ## Secure-RPC | |
68 | if GSS | |
69 | - libtirpc_la_SOURCES += auth_gss.c authgss_prot.c svc_auth_gss.c \ | |
70 | - svc_auth_none.c | |
71 | + libtirpc_la_SOURCES += auth_gss.c authgss_prot.c svc_auth_gss.c | |
72 | libtirpc_la_LDFLAGS += $(GSSGLUE_LIBS) | |
73 | libtirpc_la_CFLAGS = -DHAVE_RPCSEC_GSS $(GSSGLUE_CFLAGS) | |
74 | endif | |
75 | diff --git a/src/auth_des.c b/src/auth_des.c | |
76 | index 37e7667..f0c8b8c 100644 | |
77 | --- a/src/auth_des.c | |
78 | +++ b/src/auth_des.c | |
79 | @@ -223,6 +223,7 @@ authdes_pk_seccreate(const char *servername, netobj *pkey, u_int window, | |
80 | goto failed; | |
81 | } | |
82 | ad->ad_nis_srvr = NULL; /* not needed any longer */ | |
83 | + auth_get(auth); /* Reference for caller */ | |
84 | return (auth); | |
85 | ||
86 | failed: | |
87 | @@ -472,6 +473,12 @@ authdes_destroy(AUTH *auth) | |
88 | FREE(auth, sizeof(AUTH)); | |
89 | } | |
90 | ||
91 | +static bool_t | |
92 | +authdes_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xfunc, caddr_t xwhere) | |
93 | +{ | |
94 | + return ((*xfunc)(xdrs, xwhere)); | |
95 | +} | |
96 | + | |
97 | static struct auth_ops * | |
98 | authdes_ops(void) | |
99 | { | |
100 | @@ -487,6 +494,8 @@ authdes_ops(void) | |
101 | ops.ah_validate = authdes_validate; | |
102 | ops.ah_refresh = authdes_refresh; | |
103 | ops.ah_destroy = authdes_destroy; | |
104 | + ops.ah_wrap = authdes_wrap; | |
105 | + ops.ah_unwrap = authdes_wrap; | |
106 | } | |
107 | mutex_unlock(&authdes_ops_lock); | |
108 | return (&ops); | |
109 | diff --git a/src/auth_gss.c b/src/auth_gss.c | |
110 | index df3017a..539101e 100644 | |
111 | --- a/src/auth_gss.c | |
112 | +++ b/src/auth_gss.c | |
113 | @@ -87,9 +87,9 @@ print_rpc_gss_sec(struct rpc_gss_sec *ptr) | |
114 | int i; | |
115 | char *p; | |
116 | ||
117 | - log_debug("rpc_gss_sec:"); | |
118 | + gss_log_debug("rpc_gss_sec:"); | |
119 | if(ptr->mech == NULL) | |
120 | - log_debug("NULL gss_OID mech"); | |
121 | + gss_log_debug("NULL gss_OID mech"); | |
122 | else { | |
123 | fprintf(stderr, " mechanism_OID: {"); | |
124 | p = (char *)ptr->mech->elements; | |
125 | @@ -151,7 +151,7 @@ authgss_create(CLIENT *clnt, gss_name_t name, struct rpc_gss_sec *sec) | |
126 | struct rpc_gss_data *gd; | |
127 | OM_uint32 min_stat = 0; | |
128 | ||
129 | - log_debug("in authgss_create()"); | |
130 | + gss_log_debug("in authgss_create()"); | |
131 | ||
132 | memset(&rpc_createerr, 0, sizeof(rpc_createerr)); | |
133 | ||
134 | @@ -200,6 +200,8 @@ authgss_create(CLIENT *clnt, gss_name_t name, struct rpc_gss_sec *sec) | |
135 | ||
136 | if (!authgss_refresh(auth)) | |
137 | auth = NULL; | |
138 | + else | |
139 | + auth_get(auth); /* Reference for caller */ | |
140 | ||
141 | clnt->cl_auth = save_auth; | |
142 | ||
143 | @@ -214,7 +216,7 @@ authgss_create_default(CLIENT *clnt, char *service, struct rpc_gss_sec *sec) | |
144 | gss_buffer_desc sname; | |
145 | gss_name_t name = GSS_C_NO_NAME; | |
146 | ||
147 | - log_debug("in authgss_create_default()"); | |
148 | + gss_log_debug("in authgss_create_default()"); | |
149 | ||
150 | ||
151 | sname.value = service; | |
152 | @@ -225,7 +227,7 @@ authgss_create_default(CLIENT *clnt, char *service, struct rpc_gss_sec *sec) | |
153 | &name); | |
154 | ||
155 | if (maj_stat != GSS_S_COMPLETE) { | |
156 | - log_status("gss_import_name", maj_stat, min_stat); | |
157 | + gss_log_status("gss_import_name", maj_stat, min_stat); | |
158 | rpc_createerr.cf_stat = RPC_AUTHERROR; | |
159 | return (NULL); | |
160 | } | |
161 | @@ -247,7 +249,7 @@ authgss_get_private_data(AUTH *auth, struct authgss_private_data *pd) | |
162 | { | |
163 | struct rpc_gss_data *gd; | |
164 | ||
165 | - log_debug("in authgss_get_private_data()"); | |
166 | + gss_log_debug("in authgss_get_private_data()"); | |
167 | ||
168 | if (!auth || !pd) | |
169 | return (FALSE); | |
170 | @@ -267,7 +269,7 @@ authgss_get_private_data(AUTH *auth, struct authgss_private_data *pd) | |
171 | static void | |
172 | authgss_nextverf(AUTH *auth) | |
173 | { | |
174 | - log_debug("in authgss_nextverf()"); | |
175 | + gss_log_debug("in authgss_nextverf()"); | |
176 | /* no action necessary */ | |
177 | } | |
178 | ||
179 | @@ -281,7 +283,7 @@ authgss_marshal(AUTH *auth, XDR *xdrs) | |
180 | OM_uint32 maj_stat, min_stat; | |
181 | bool_t xdr_stat; | |
182 | ||
183 | - log_debug("in authgss_marshal()"); | |
184 | + gss_log_debug("in authgss_marshal()"); | |
185 | ||
186 | gd = AUTH_PRIVATE(auth); | |
187 | ||
188 | @@ -316,7 +318,7 @@ authgss_marshal(AUTH *auth, XDR *xdrs) | |
189 | &rpcbuf, &checksum); | |
190 | ||
191 | if (maj_stat != GSS_S_COMPLETE) { | |
192 | - log_status("gss_get_mic", maj_stat, min_stat); | |
193 | + gss_log_status("gss_get_mic", maj_stat, min_stat); | |
194 | if (maj_stat == GSS_S_CONTEXT_EXPIRED) { | |
195 | gd->established = FALSE; | |
196 | authgss_destroy_context(auth); | |
197 | @@ -341,7 +343,7 @@ authgss_validate(AUTH *auth, struct opaque_auth *verf) | |
198 | gss_buffer_desc signbuf, checksum; | |
199 | OM_uint32 maj_stat, min_stat; | |
200 | ||
201 | - log_debug("in authgss_validate()"); | |
202 | + gss_log_debug("in authgss_validate()"); | |
203 | ||
204 | gd = AUTH_PRIVATE(auth); | |
205 | ||
206 | @@ -377,7 +379,7 @@ authgss_validate(AUTH *auth, struct opaque_auth *verf) | |
207 | maj_stat = gss_verify_mic(&min_stat, gd->ctx, &signbuf, | |
208 | &checksum, &qop_state); | |
209 | if (maj_stat != GSS_S_COMPLETE || qop_state != gd->sec.qop) { | |
210 | - log_status("gss_verify_mic", maj_stat, min_stat); | |
211 | + gss_log_status("gss_verify_mic", maj_stat, min_stat); | |
212 | if (maj_stat == GSS_S_CONTEXT_EXPIRED) { | |
213 | gd->established = FALSE; | |
214 | authgss_destroy_context(auth); | |
215 | @@ -395,7 +397,7 @@ authgss_refresh(AUTH *auth) | |
216 | gss_buffer_desc *recv_tokenp, send_token; | |
217 | OM_uint32 maj_stat, min_stat, call_stat, ret_flags; | |
218 | ||
219 | - log_debug("in authgss_refresh()"); | |
220 | + gss_log_debug("in authgss_refresh()"); | |
221 | ||
222 | gd = AUTH_PRIVATE(auth); | |
223 | ||
224 | @@ -414,9 +416,9 @@ authgss_refresh(AUTH *auth) | |
225 | #ifdef DEBUG | |
226 | /* print the token we just received */ | |
227 | if (recv_tokenp != GSS_C_NO_BUFFER) { | |
228 | - log_debug("The token we just received (length %d):", | |
229 | + gss_log_debug("The token we just received (length %d):", | |
230 | recv_tokenp->length); | |
231 | - log_hexdump(recv_tokenp->value, recv_tokenp->length, 0); | |
232 | + gss_log_hexdump(recv_tokenp->value, recv_tokenp->length, 0); | |
233 | } | |
234 | #endif | |
235 | maj_stat = gss_init_sec_context(&min_stat, | |
236 | @@ -439,7 +441,7 @@ authgss_refresh(AUTH *auth) | |
237 | } | |
238 | if (maj_stat != GSS_S_COMPLETE && | |
239 | maj_stat != GSS_S_CONTINUE_NEEDED) { | |
240 | - log_status("gss_init_sec_context", maj_stat, min_stat); | |
241 | + gss_log_status("gss_init_sec_context", maj_stat, min_stat); | |
242 | break; | |
243 | } | |
244 | if (send_token.length != 0) { | |
245 | @@ -447,9 +449,9 @@ authgss_refresh(AUTH *auth) | |
246 | ||
247 | #ifdef DEBUG | |
248 | /* print the token we are about to send */ | |
249 | - log_debug("The token being sent (length %d):", | |
250 | + gss_log_debug("The token being sent (length %d):", | |
251 | send_token.length); | |
252 | - log_hexdump(send_token.value, send_token.length, 0); | |
253 | + gss_log_hexdump(send_token.value, send_token.length, 0); | |
254 | #endif | |
255 | ||
256 | call_stat = clnt_call(gd->clnt, NULLPROC, | |
257 | @@ -498,7 +500,7 @@ authgss_refresh(AUTH *auth) | |
258 | ||
259 | if (maj_stat != GSS_S_COMPLETE | |
260 | || qop_state != gd->sec.qop) { | |
261 | - log_status("gss_verify_mic", maj_stat, min_stat); | |
262 | + gss_log_status("gss_verify_mic", maj_stat, min_stat); | |
263 | if (maj_stat == GSS_S_CONTEXT_EXPIRED) { | |
264 | gd->established = FALSE; | |
265 | authgss_destroy_context(auth); | |
266 | @@ -531,7 +533,7 @@ authgss_service(AUTH *auth, int svc) | |
267 | { | |
268 | struct rpc_gss_data *gd; | |
269 | ||
270 | - log_debug("in authgss_service()"); | |
271 | + gss_log_debug("in authgss_service()"); | |
272 | ||
273 | if (!auth) | |
274 | return(FALSE); | |
275 | @@ -549,15 +551,26 @@ authgss_destroy_context(AUTH *auth) | |
276 | struct rpc_gss_data *gd; | |
277 | OM_uint32 min_stat; | |
278 | ||
279 | - log_debug("in authgss_destroy_context()"); | |
280 | + gss_log_debug("in authgss_destroy_context()"); | |
281 | ||
282 | gd = AUTH_PRIVATE(auth); | |
283 | ||
284 | if (gd->gc.gc_ctx.length != 0) { | |
285 | if (gd->established) { | |
286 | + AUTH *save_auth = NULL; | |
287 | + | |
288 | + /* Make sure we use the right auth_ops */ | |
289 | + if (gd->clnt->cl_auth != auth) { | |
290 | + save_auth = gd->clnt->cl_auth; | |
291 | + gd->clnt->cl_auth = auth; | |
292 | + } | |
293 | + | |
294 | gd->gc.gc_proc = RPCSEC_GSS_DESTROY; | |
295 | clnt_call(gd->clnt, NULLPROC, (xdrproc_t)xdr_void, NULL, | |
296 | (xdrproc_t)xdr_void, NULL, AUTH_TIMEOUT); | |
297 | + | |
298 | + if (save_auth != NULL) | |
299 | + gd->clnt->cl_auth = save_auth; | |
300 | } | |
301 | gss_release_buffer(&min_stat, &gd->gc.gc_ctx); | |
302 | /* XXX ANDROS check size of context - should be 8 */ | |
303 | @@ -582,7 +595,7 @@ authgss_destroy(AUTH *auth) | |
304 | struct rpc_gss_data *gd; | |
305 | OM_uint32 min_stat; | |
306 | ||
307 | - log_debug("in authgss_destroy()"); | |
308 | + gss_log_debug("in authgss_destroy()"); | |
309 | ||
310 | gd = AUTH_PRIVATE(auth); | |
311 | ||
312 | @@ -603,7 +616,7 @@ authgss_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr) | |
313 | { | |
314 | struct rpc_gss_data *gd; | |
315 | ||
316 | - log_debug("in authgss_wrap()"); | |
317 | + gss_log_debug("in authgss_wrap()"); | |
318 | ||
319 | gd = AUTH_PRIVATE(auth); | |
320 | ||
321 | @@ -620,7 +633,7 @@ authgss_unwrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr) | |
322 | { | |
323 | struct rpc_gss_data *gd; | |
324 | ||
325 | - log_debug("in authgss_unwrap()"); | |
326 | + gss_log_debug("in authgss_unwrap()"); | |
327 | ||
328 | gd = AUTH_PRIVATE(auth); | |
329 | ||
330 | diff --git a/src/auth_none.c b/src/auth_none.c | |
331 | index a439ec6..affc92b 100644 | |
332 | --- a/src/auth_none.c | |
333 | +++ b/src/auth_none.c | |
334 | @@ -110,20 +110,19 @@ static bool_t | |
335 | authnone_marshal(AUTH *client, XDR *xdrs) | |
336 | { | |
337 | struct authnone_private *ap; | |
338 | - bool_t dummy; | |
339 | + bool_t rv = FALSE; | |
340 | extern mutex_t authnone_lock; | |
341 | ||
342 | assert(xdrs != NULL); | |
343 | ||
344 | + mutex_lock(&authnone_lock); | |
345 | ap = authnone_private; | |
346 | - if (ap == NULL) { | |
347 | - mutex_unlock(&authnone_lock); | |
348 | - return (FALSE); | |
349 | + if (ap) { | |
350 | + rv = (*xdrs->x_ops->x_putbytes)(xdrs, ap->marshalled_client, | |
351 | + ap->mcnt); | |
352 | } | |
353 | - dummy = (*xdrs->x_ops->x_putbytes)(xdrs, | |
354 | - ap->marshalled_client, ap->mcnt); | |
355 | mutex_unlock(&authnone_lock); | |
356 | - return (dummy); | |
357 | + return (rv); | |
358 | } | |
359 | ||
360 | /* All these unused parameters are required to keep ANSI-C from grumbling */ | |
361 | @@ -155,6 +154,12 @@ authnone_destroy(AUTH *client) | |
362 | { | |
363 | } | |
364 | ||
365 | +static bool_t | |
366 | +authnone_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xfunc, caddr_t xwhere) | |
367 | +{ | |
368 | + return ((*xfunc)(xdrs, xwhere)); | |
369 | +} | |
370 | + | |
371 | static struct auth_ops * | |
372 | authnone_ops() | |
373 | { | |
374 | @@ -170,6 +175,8 @@ authnone_ops() | |
375 | ops.ah_validate = authnone_validate; | |
376 | ops.ah_refresh = authnone_refresh; | |
377 | ops.ah_destroy = authnone_destroy; | |
378 | + ops.ah_wrap = authnone_wrap; | |
379 | + ops.ah_unwrap = authnone_wrap; | |
380 | } | |
381 | mutex_unlock(&ops_lock); | |
382 | return (&ops); | |
383 | diff --git a/src/auth_unix.c b/src/auth_unix.c | |
384 | index c2469da..4b9b13f 100644 | |
385 | --- a/src/auth_unix.c | |
386 | +++ b/src/auth_unix.c | |
387 | @@ -162,6 +162,7 @@ authunix_create(machname, uid, gid, len, aup_gids) | |
388 | */ | |
389 | auth->ah_cred = au->au_origcred; | |
390 | marshal_new_auth(auth); | |
391 | + auth_get(auth); /* Reference for caller */ | |
392 | return (auth); | |
393 | #ifndef _KERNEL | |
394 | cleanup_authunix_create: | |
395 | @@ -396,6 +397,12 @@ marshal_new_auth(auth) | |
396 | XDR_DESTROY(xdrs); | |
397 | } | |
398 | ||
399 | +static bool_t | |
400 | +authunix_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xfunc, caddr_t xwhere) | |
401 | +{ | |
402 | + return ((*xfunc)(xdrs, xwhere)); | |
403 | +} | |
404 | + | |
405 | static struct auth_ops * | |
406 | authunix_ops() | |
407 | { | |
408 | @@ -411,6 +418,8 @@ authunix_ops() | |
409 | ops.ah_validate = authunix_validate; | |
410 | ops.ah_refresh = authunix_refresh; | |
411 | ops.ah_destroy = authunix_destroy; | |
412 | + ops.ah_wrap = authunix_wrap; | |
413 | + ops.ah_unwrap = authunix_wrap; | |
414 | } | |
415 | mutex_unlock(&ops_lock); | |
416 | return (&ops); | |
417 | diff --git a/src/authgss_prot.c b/src/authgss_prot.c | |
418 | index 9d7fa09..a3c93c9 100644 | |
419 | --- a/src/authgss_prot.c | |
420 | +++ b/src/authgss_prot.c | |
421 | @@ -64,10 +64,10 @@ xdr_rpc_gss_buf(XDR *xdrs, gss_buffer_t buf, u_int maxsize) | |
422 | if (xdr_stat && xdrs->x_op == XDR_DECODE) | |
423 | buf->length = tmplen; | |
424 | ||
425 | - log_debug("xdr_rpc_gss_buf: %s %s (%p:%d)", | |
426 | - (xdrs->x_op == XDR_ENCODE) ? "encode" : "decode", | |
427 | - (xdr_stat == TRUE) ? "success" : "failure", | |
428 | - buf->value, buf->length); | |
429 | + gss_log_debug("xdr_rpc_gss_buf: %s %s (%p:%d)", | |
430 | + (xdrs->x_op == XDR_ENCODE) ? "encode" : "decode", | |
431 | + (xdr_stat == TRUE) ? "success" : "failure", | |
432 | + buf->value, buf->length); | |
433 | ||
434 | return xdr_stat; | |
435 | } | |
436 | @@ -83,12 +83,12 @@ xdr_rpc_gss_cred(XDR *xdrs, struct rpc_gss_cred *p) | |
437 | xdr_enum(xdrs, (enum_t *)&p->gc_svc) && | |
438 | xdr_rpc_gss_buf(xdrs, &p->gc_ctx, MAX_AUTH_BYTES)); | |
439 | ||
440 | - log_debug("xdr_rpc_gss_cred: %s %s " | |
441 | - "(v %d, proc %d, seq %d, svc %d, ctx %p:%d)", | |
442 | - (xdrs->x_op == XDR_ENCODE) ? "encode" : "decode", | |
443 | - (xdr_stat == TRUE) ? "success" : "failure", | |
444 | - p->gc_v, p->gc_proc, p->gc_seq, p->gc_svc, | |
445 | - p->gc_ctx.value, p->gc_ctx.length); | |
446 | + gss_log_debug("xdr_rpc_gss_cred: %s %s " | |
447 | + "(v %d, proc %d, seq %d, svc %d, ctx %p:%d)", | |
448 | + (xdrs->x_op == XDR_ENCODE) ? "encode" : "decode", | |
449 | + (xdr_stat == TRUE) ? "success" : "failure", | |
450 | + p->gc_v, p->gc_proc, p->gc_seq, p->gc_svc, | |
451 | + p->gc_ctx.value, p->gc_ctx.length); | |
452 | ||
453 | return (xdr_stat); | |
454 | } | |
455 | @@ -101,10 +101,10 @@ xdr_rpc_gss_init_args(XDR *xdrs, gss_buffer_desc *p) | |
456 | ||
457 | xdr_stat = xdr_rpc_gss_buf(xdrs, p, maxlen); | |
458 | ||
459 | - log_debug("xdr_rpc_gss_init_args: %s %s (token %p:%d)", | |
460 | - (xdrs->x_op == XDR_ENCODE) ? "encode" : "decode", | |
461 | - (xdr_stat == TRUE) ? "success" : "failure", | |
462 | - p->value, p->length); | |
463 | + gss_log_debug("xdr_rpc_gss_init_args: %s %s (token %p:%d)", | |
464 | + (xdrs->x_op == XDR_ENCODE) ? "encode" : "decode", | |
465 | + (xdr_stat == TRUE) ? "success" : "failure", | |
466 | + p->value, p->length); | |
467 | ||
468 | return (xdr_stat); | |
469 | } | |
470 | @@ -123,13 +123,13 @@ xdr_rpc_gss_init_res(XDR *xdrs, struct rpc_gss_init_res *p) | |
471 | xdr_u_int(xdrs, &p->gr_win) && | |
472 | xdr_rpc_gss_buf(xdrs, &p->gr_token, tok_maxlen)); | |
473 | ||
474 | - log_debug("xdr_rpc_gss_init_res %s %s " | |
475 | - "(ctx %p:%d, maj %d, min %d, win %d, token %p:%d)", | |
476 | - (xdrs->x_op == XDR_ENCODE) ? "encode" : "decode", | |
477 | - (xdr_stat == TRUE) ? "success" : "failure", | |
478 | - p->gr_ctx.value, p->gr_ctx.length, | |
479 | - p->gr_major, p->gr_minor, p->gr_win, | |
480 | - p->gr_token.value, p->gr_token.length); | |
481 | + gss_log_debug("xdr_rpc_gss_init_res %s %s " | |
482 | + "(ctx %p:%d, maj %d, min %d, win %d, token %p:%d)", | |
483 | + (xdrs->x_op == XDR_ENCODE) ? "encode" : "decode", | |
484 | + (xdr_stat == TRUE) ? "success" : "failure", | |
485 | + p->gr_ctx.value, p->gr_ctx.length, | |
486 | + p->gr_major, p->gr_minor, p->gr_win, | |
487 | + p->gr_token.value, p->gr_token.length); | |
488 | ||
489 | return (xdr_stat); | |
490 | } | |
491 | @@ -161,6 +161,7 @@ xdr_rpc_gss_wrap_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, | |
492 | databuflen = end - start - 4; | |
493 | XDR_SETPOS(xdrs, start + 4); | |
494 | databuf.value = XDR_INLINE(xdrs, databuflen); | |
495 | + databuf.length = databuflen; | |
496 | ||
497 | xdr_stat = FALSE; | |
498 | ||
499 | @@ -169,13 +170,12 @@ xdr_rpc_gss_wrap_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, | |
500 | XDR_SETPOS(xdrs, start); | |
501 | if (!xdr_u_int(xdrs, (u_int *)&databuflen)) | |
502 | return (FALSE); | |
503 | - databuf.length = databuflen; | |
504 | ||
505 | /* Checksum rpc_gss_data_t. */ | |
506 | maj_stat = gss_get_mic(&min_stat, ctx, qop, | |
507 | &databuf, &wrapbuf); | |
508 | if (maj_stat != GSS_S_COMPLETE) { | |
509 | - log_debug("gss_get_mic failed"); | |
510 | + gss_log_debug("gss_get_mic failed"); | |
511 | return (FALSE); | |
512 | } | |
513 | /* Marshal checksum. */ | |
514 | @@ -189,7 +189,7 @@ xdr_rpc_gss_wrap_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, | |
515 | maj_stat = gss_wrap(&min_stat, ctx, TRUE, qop, &databuf, | |
516 | &conf_state, &wrapbuf); | |
517 | if (maj_stat != GSS_S_COMPLETE) { | |
518 | - log_status("gss_wrap", maj_stat, min_stat); | |
519 | + gss_log_status("gss_wrap", maj_stat, min_stat); | |
520 | return (FALSE); | |
521 | } | |
522 | /* Marshal databody_priv. */ | |
523 | @@ -222,13 +222,13 @@ xdr_rpc_gss_unwrap_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, | |
524 | if (svc == RPCSEC_GSS_SVC_INTEGRITY) { | |
525 | /* Decode databody_integ. */ | |
526 | if (!xdr_rpc_gss_buf(xdrs, &databuf, (u_int)-1)) { | |
527 | - log_debug("xdr decode databody_integ failed"); | |
528 | + gss_log_debug("xdr decode databody_integ failed"); | |
529 | return (FALSE); | |
530 | } | |
531 | /* Decode checksum. */ | |
532 | if (!xdr_rpc_gss_buf(xdrs, &wrapbuf, (u_int)-1)) { | |
533 | gss_release_buffer(&min_stat, &databuf); | |
534 | - log_debug("xdr decode checksum failed"); | |
535 | + gss_log_debug("xdr decode checksum failed"); | |
536 | return (FALSE); | |
537 | } | |
538 | /* Verify checksum and QOP. */ | |
539 | @@ -238,14 +238,14 @@ xdr_rpc_gss_unwrap_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, | |
540 | ||
541 | if (maj_stat != GSS_S_COMPLETE || qop_state != qop) { | |
542 | gss_release_buffer(&min_stat, &databuf); | |
543 | - log_status("gss_verify_mic", maj_stat, min_stat); | |
544 | + gss_log_status("gss_verify_mic", maj_stat, min_stat); | |
545 | return (FALSE); | |
546 | } | |
547 | } | |
548 | else if (svc == RPCSEC_GSS_SVC_PRIVACY) { | |
549 | /* Decode databody_priv. */ | |
550 | if (!xdr_rpc_gss_buf(xdrs, &wrapbuf, (u_int)-1)) { | |
551 | - log_debug("xdr decode databody_priv failed"); | |
552 | + gss_log_debug("xdr decode databody_priv failed"); | |
553 | return (FALSE); | |
554 | } | |
555 | /* Decrypt databody. */ | |
556 | @@ -258,7 +258,7 @@ xdr_rpc_gss_unwrap_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, | |
557 | if (maj_stat != GSS_S_COMPLETE || qop_state != qop || | |
558 | conf_state != TRUE) { | |
559 | gss_release_buffer(&min_stat, &databuf); | |
560 | - log_status("gss_unwrap", maj_stat, min_stat); | |
561 | + gss_log_status("gss_unwrap", maj_stat, min_stat); | |
562 | return (FALSE); | |
563 | } | |
564 | } | |
565 | @@ -271,7 +271,7 @@ xdr_rpc_gss_unwrap_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, | |
566 | ||
567 | /* Verify sequence number. */ | |
568 | if (xdr_stat == TRUE && seq_num != seq) { | |
569 | - log_debug("wrong sequence number in databody"); | |
570 | + gss_log_debug("wrong sequence number in databody"); | |
571 | return (FALSE); | |
572 | } | |
573 | return (xdr_stat); | |
574 | @@ -300,7 +300,7 @@ xdr_rpc_gss_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, | |
575 | #include <ctype.h> | |
576 | ||
577 | void | |
578 | -log_debug(const char *fmt, ...) | |
579 | +gss_log_debug(const char *fmt, ...) | |
580 | { | |
581 | va_list ap; | |
582 | ||
583 | @@ -312,7 +312,7 @@ log_debug(const char *fmt, ...) | |
584 | } | |
585 | ||
586 | void | |
587 | -log_status(char *m, OM_uint32 maj_stat, OM_uint32 min_stat) | |
588 | +gss_log_status(char *m, OM_uint32 maj_stat, OM_uint32 min_stat) | |
589 | { | |
590 | OM_uint32 min; | |
591 | gss_buffer_desc msg; | |
592 | @@ -332,7 +332,7 @@ log_status(char *m, OM_uint32 maj_stat, OM_uint32 min_stat) | |
593 | } | |
594 | ||
595 | void | |
596 | -log_hexdump(const u_char *buf, int len, int offset) | |
597 | +gss_log_hexdump(const u_char *buf, int len, int offset) | |
598 | { | |
599 | u_int i, j, jm; | |
600 | int c; | |
601 | @@ -367,17 +367,17 @@ log_hexdump(const u_char *buf, int len, int offset) | |
602 | #else | |
603 | ||
604 | void | |
605 | -log_debug(const char *fmt, ...) | |
606 | +gss_log_debug(const char *fmt, ...) | |
607 | { | |
608 | } | |
609 | ||
610 | void | |
611 | -log_status(char *m, OM_uint32 maj_stat, OM_uint32 min_stat) | |
612 | +gss_log_status(char *m, OM_uint32 maj_stat, OM_uint32 min_stat) | |
613 | { | |
614 | } | |
615 | ||
616 | void | |
617 | -log_hexdump(const u_char *buf, int len, int offset) | |
618 | +gss_log_hexdump(const u_char *buf, int len, int offset) | |
619 | { | |
620 | } | |
621 | ||
622 | diff --git a/src/clnt_dg.c b/src/clnt_dg.c | |
623 | index 79fed5d..4a1f60a 100644 | |
624 | --- a/src/clnt_dg.c | |
625 | +++ b/src/clnt_dg.c | |
626 | @@ -366,7 +366,7 @@ call_again: | |
627 | ||
628 | if ((! XDR_PUTINT32(xdrs, (int32_t *)&proc)) || | |
629 | (! AUTH_MARSHALL(cl->cl_auth, xdrs)) || | |
630 | - (! (*xargs)(xdrs, argsp))) { | |
631 | + (! AUTH_WRAP(cl->cl_auth, xdrs, xargs, argsp))) { | |
632 | cu->cu_error.re_status = RPC_CANTENCODEARGS; | |
633 | goto out; | |
634 | } | |
635 | @@ -400,8 +400,8 @@ get_reply: | |
636 | * (We assume that this is actually only executed once.) | |
637 | */ | |
638 | reply_msg.acpted_rply.ar_verf = _null_auth; | |
639 | - reply_msg.acpted_rply.ar_results.where = resultsp; | |
640 | - reply_msg.acpted_rply.ar_results.proc = xresults; | |
641 | + reply_msg.acpted_rply.ar_results.where = NULL; | |
642 | + reply_msg.acpted_rply.ar_results.proc = (xdrproc_t)xdr_void; | |
643 | ||
644 | fd.fd = cu->cu_fd; | |
645 | fd.events = POLLIN; | |
646 | @@ -512,6 +512,10 @@ get_reply: | |
647 | &reply_msg.acpted_rply.ar_verf)) { | |
648 | cu->cu_error.re_status = RPC_AUTHERROR; | |
649 | cu->cu_error.re_why = AUTH_INVALIDRESP; | |
650 | + } else if (! AUTH_UNWRAP(cl->cl_auth, &reply_xdrs, | |
651 | + xresults, resultsp)) { | |
652 | + if (cu->cu_error.re_status == RPC_SUCCESS) | |
653 | + cu->cu_error.re_status = RPC_CANTDECODERES; | |
654 | } | |
655 | if (reply_msg.acpted_rply.ar_verf.oa_base != NULL) { | |
656 | xdrs->x_op = XDR_FREE; | |
657 | diff --git a/src/clnt_vc.c b/src/clnt_vc.c | |
658 | index 359063c..097cae8 100644 | |
659 | --- a/src/clnt_vc.c | |
660 | +++ b/src/clnt_vc.c | |
661 | @@ -364,7 +364,7 @@ call_again: | |
662 | if ((! XDR_PUTBYTES(xdrs, ct->ct_u.ct_mcallc, ct->ct_mpos)) || | |
663 | (! XDR_PUTINT32(xdrs, (int32_t *)&proc)) || | |
664 | (! AUTH_MARSHALL(cl->cl_auth, xdrs)) || | |
665 | - (! (*xdr_args)(xdrs, args_ptr))) { | |
666 | + (! AUTH_WRAP(cl->cl_auth, xdrs, xdr_args, args_ptr))) { | |
667 | if (ct->ct_error.re_status == RPC_SUCCESS) | |
668 | ct->ct_error.re_status = RPC_CANTENCODEARGS; | |
669 | (void)xdrrec_endofrecord(xdrs, TRUE); | |
670 | @@ -420,7 +420,8 @@ call_again: | |
671 | &reply_msg.acpted_rply.ar_verf)) { | |
672 | ct->ct_error.re_status = RPC_AUTHERROR; | |
673 | ct->ct_error.re_why = AUTH_INVALIDRESP; | |
674 | - } else if (! (*xdr_results)(xdrs, results_ptr)) { | |
675 | + } else if (! AUTH_UNWRAP(cl->cl_auth, xdrs, | |
676 | + xdr_results, results_ptr)) { | |
677 | if (ct->ct_error.re_status == RPC_SUCCESS) | |
678 | ct->ct_error.re_status = RPC_CANTDECODERES; | |
679 | } | |
680 | diff --git a/src/rpc_generic.c b/src/rpc_generic.c | |
681 | index 509fb36..2eb91ad 100644 | |
682 | --- a/src/rpc_generic.c | |
683 | +++ b/src/rpc_generic.c | |
684 | @@ -535,7 +535,9 @@ __rpc_nconf2fd_flags(const struct netconfig *nconf, int flags) | |
685 | si.si_af == AF_INET6) { | |
686 | int val = 1; | |
687 | ||
688 | +#ifdef INET6 | |
689 | setsockopt(fd, SOL_IPV6, IPV6_V6ONLY, &val, sizeof(val)); | |
690 | +#endif | |
691 | } | |
692 | return fd; | |
693 | } | |
694 | diff --git a/src/rpc_soc.c b/src/rpc_soc.c | |
695 | index c678429..63d2197 100644 | |
696 | --- a/src/rpc_soc.c | |
697 | +++ b/src/rpc_soc.c | |
698 | @@ -560,12 +560,10 @@ clntunix_create(raddr, prog, vers, sockp, sendsz, recvsz) | |
699 | u_int recvsz; | |
700 | { | |
701 | struct netbuf *svcaddr; | |
702 | - struct netconfig *nconf; | |
703 | CLIENT *cl; | |
704 | int len; | |
705 | ||
706 | cl = NULL; | |
707 | - nconf = NULL; | |
708 | svcaddr = NULL; | |
709 | if (((svcaddr = malloc(sizeof(struct netbuf))) == NULL ) || | |
710 | ((svcaddr->buf = malloc(sizeof(struct sockaddr_un))) == NULL)) { | |
711 | diff --git a/src/svc.c b/src/svc.c | |
712 | index b4a63d0..08cd6c9 100644 | |
713 | --- a/src/svc.c | |
714 | +++ b/src/svc.c | |
715 | @@ -77,9 +77,6 @@ static struct svc_callout | |
716 | ||
717 | extern rwlock_t svc_lock; | |
718 | extern rwlock_t svc_fd_lock; | |
719 | -#ifdef HAVE_LIBGSSAPI | |
720 | -extern struct svc_auth_ops svc_auth_gss_ops; | |
721 | -#endif | |
722 | ||
723 | static struct svc_callout *svc_find (rpcprog_t, rpcvers_t, | |
724 | struct svc_callout **, char *); | |
725 | @@ -717,11 +714,9 @@ svc_getreq_common (fd) | |
726 | SVC_DESTROY (xprt); | |
727 | break; | |
728 | } | |
729 | - else if ((xprt->xp_auth != NULL) | |
730 | -#ifdef HAVE_LIBGSSAPI | |
731 | - && (xprt->xp_auth->svc_ah_ops != &svc_auth_gss_ops) | |
732 | -#endif | |
733 | - ) { | |
734 | + else if ((xprt->xp_auth != NULL) && | |
735 | + (xprt->xp_auth->svc_ah_private == NULL)) | |
736 | + { | |
737 | xprt->xp_auth = NULL; | |
738 | } | |
739 | } | |
740 | diff --git a/src/svc_auth.c b/src/svc_auth.c | |
741 | index c6b3a0b..e80d5f9 100644 | |
742 | --- a/src/svc_auth.c | |
743 | +++ b/src/svc_auth.c | |
744 | @@ -98,8 +98,8 @@ _authenticate(rqst, msg) | |
745 | rqst->rq_xprt->xp_verf.oa_length = 0; | |
746 | cred_flavor = rqst->rq_cred.oa_flavor; | |
747 | switch (cred_flavor) { | |
748 | - case AUTH_NULL: | |
749 | - dummy = _svcauth_null(rqst, msg); | |
750 | + case AUTH_NONE: | |
751 | + dummy = _svcauth_none(rqst, msg); | |
752 | return (dummy); | |
753 | case AUTH_SYS: | |
754 | dummy = _svcauth_unix(rqst, msg); | |
755 | @@ -132,15 +132,6 @@ _authenticate(rqst, msg) | |
756 | return (AUTH_REJECTEDCRED); | |
757 | } | |
758 | ||
759 | -/*ARGSUSED*/ | |
760 | -enum auth_stat | |
761 | -_svcauth_null(rqst, msg) | |
762 | - struct svc_req *rqst; | |
763 | - struct rpc_msg *msg; | |
764 | -{ | |
765 | - return (AUTH_OK); | |
766 | -} | |
767 | - | |
768 | /* | |
769 | * Allow the rpc service to register new authentication types that it is | |
770 | * prepared to handle. When an authentication flavor is registered, | |
771 | diff --git a/src/svc_auth_gss.c b/src/svc_auth_gss.c | |
772 | index 54b23b1..9c74313 100644 | |
773 | --- a/src/svc_auth_gss.c | |
774 | +++ b/src/svc_auth_gss.c | |
775 | @@ -87,13 +87,13 @@ svcauth_gss_set_svc_name(gss_name_t name) | |
776 | { | |
777 | OM_uint32 maj_stat, min_stat; | |
778 | ||
779 | - log_debug("in svcauth_gss_set_svc_name()"); | |
780 | + gss_log_debug("in svcauth_gss_set_svc_name()"); | |
781 | ||
782 | if (_svcauth_gss_name != NULL) { | |
783 | maj_stat = gss_release_name(&min_stat, &_svcauth_gss_name); | |
784 | ||
785 | if (maj_stat != GSS_S_COMPLETE) { | |
786 | - log_status("gss_release_name", maj_stat, min_stat); | |
787 | + gss_log_status("gss_release_name", maj_stat, min_stat); | |
788 | return (FALSE); | |
789 | } | |
790 | _svcauth_gss_name = NULL; | |
791 | @@ -101,7 +101,7 @@ svcauth_gss_set_svc_name(gss_name_t name) | |
792 | maj_stat = gss_duplicate_name(&min_stat, name, &_svcauth_gss_name); | |
793 | ||
794 | if (maj_stat != GSS_S_COMPLETE) { | |
795 | - log_status("gss_duplicate_name", maj_stat, min_stat); | |
796 | + gss_log_status("gss_duplicate_name", maj_stat, min_stat); | |
797 | return (FALSE); | |
798 | } | |
799 | ||
800 | @@ -115,7 +115,7 @@ svcauth_gss_import_name(char *service) | |
801 | gss_buffer_desc namebuf; | |
802 | OM_uint32 maj_stat, min_stat; | |
803 | ||
804 | - log_debug("in svcauth_gss_import_name()"); | |
805 | + gss_log_debug("in svcauth_gss_import_name()"); | |
806 | ||
807 | namebuf.value = service; | |
808 | namebuf.length = strlen(service); | |
809 | @@ -124,7 +124,7 @@ svcauth_gss_import_name(char *service) | |
810 | (gss_OID)GSS_C_NT_HOSTBASED_SERVICE, &name); | |
811 | ||
812 | if (maj_stat != GSS_S_COMPLETE) { | |
813 | - log_status("gss_import_name", maj_stat, min_stat); | |
814 | + gss_log_status("gss_import_name", maj_stat, min_stat); | |
815 | return (FALSE); | |
816 | } | |
817 | if (svcauth_gss_set_svc_name(name) != TRUE) { | |
818 | @@ -139,14 +139,14 @@ svcauth_gss_acquire_cred(void) | |
819 | { | |
820 | OM_uint32 maj_stat, min_stat; | |
821 | ||
822 | - log_debug("in svcauth_gss_acquire_cred()"); | |
823 | + gss_log_debug("in svcauth_gss_acquire_cred()"); | |
824 | ||
825 | maj_stat = gss_acquire_cred(&min_stat, _svcauth_gss_name, 0, | |
826 | GSS_C_NULL_OID_SET, GSS_C_ACCEPT, | |
827 | &_svcauth_gss_creds, NULL, NULL); | |
828 | ||
829 | if (maj_stat != GSS_S_COMPLETE) { | |
830 | - log_status("gss_acquire_cred", maj_stat, min_stat); | |
831 | + gss_log_status("gss_acquire_cred", maj_stat, min_stat); | |
832 | return (FALSE); | |
833 | } | |
834 | return (TRUE); | |
835 | @@ -157,12 +157,12 @@ svcauth_gss_release_cred(void) | |
836 | { | |
837 | OM_uint32 maj_stat, min_stat; | |
838 | ||
839 | - log_debug("in svcauth_gss_release_cred()"); | |
840 | + gss_log_debug("in svcauth_gss_release_cred()"); | |
841 | ||
842 | maj_stat = gss_release_cred(&min_stat, &_svcauth_gss_creds); | |
843 | ||
844 | if (maj_stat != GSS_S_COMPLETE) { | |
845 | - log_status("gss_release_cred", maj_stat, min_stat); | |
846 | + gss_log_status("gss_release_cred", maj_stat, min_stat); | |
847 | return (FALSE); | |
848 | } | |
849 | ||
850 | @@ -181,7 +181,7 @@ svcauth_gss_accept_sec_context(struct svc_req *rqst, | |
851 | gss_OID mech; | |
852 | OM_uint32 maj_stat = 0, min_stat = 0, ret_flags, seq; | |
853 | ||
854 | - log_debug("in svcauth_gss_accept_context()"); | |
855 | + gss_log_debug("in svcauth_gss_accept_context()"); | |
856 | ||
857 | gd = SVCAUTH_PRIVATE(rqst->rq_xprt->xp_auth); | |
858 | gc = (struct rpc_gss_cred *)rqst->rq_clntcred; | |
859 | @@ -208,7 +208,7 @@ svcauth_gss_accept_sec_context(struct svc_req *rqst, | |
860 | ||
861 | if (gr->gr_major != GSS_S_COMPLETE && | |
862 | gr->gr_major != GSS_S_CONTINUE_NEEDED) { | |
863 | - log_status("accept_sec_context", gr->gr_major, gr->gr_minor); | |
864 | + gss_log_status("accept_sec_context", gr->gr_major, gr->gr_minor); | |
865 | gd->ctx = GSS_C_NO_CONTEXT; | |
866 | gss_release_buffer(&min_stat, &gr->gr_token); | |
867 | return (FALSE); | |
868 | @@ -238,7 +238,7 @@ svcauth_gss_accept_sec_context(struct svc_req *rqst, | |
869 | maj_stat = gss_display_name(&min_stat, gd->client_name, | |
870 | &gd->cname, &gd->sec.mech); | |
871 | if (maj_stat != GSS_S_COMPLETE) { | |
872 | - log_status("display_name", maj_stat, min_stat); | |
873 | + gss_log_status("display_name", maj_stat, min_stat); | |
874 | return (FALSE); | |
875 | } | |
876 | #ifdef DEBUG | |
877 | @@ -248,19 +248,19 @@ svcauth_gss_accept_sec_context(struct svc_req *rqst, | |
878 | ||
879 | gss_oid_to_str(&min_stat, mech, &mechname); | |
880 | ||
881 | - log_debug("accepted context for %.*s with " | |
882 | - "<mech %.*s, qop %d, svc %d>", | |
883 | - gd->cname.length, (char *)gd->cname.value, | |
884 | - mechname.length, (char *)mechname.value, | |
885 | - gd->sec.qop, gd->sec.svc); | |
886 | + gss_log_debug("accepted context for %.*s with " | |
887 | + "<mech %.*s, qop %d, svc %d>", | |
888 | + gd->cname.length, (char *)gd->cname.value, | |
889 | + mechname.length, (char *)mechname.value, | |
890 | + gd->sec.qop, gd->sec.svc); | |
891 | ||
892 | gss_release_buffer(&min_stat, &mechname); | |
893 | } | |
894 | #elif HAVE_HEIMDAL | |
895 | - log_debug("accepted context for %.*s with " | |
896 | - "<mech {}, qop %d, svc %d>", | |
897 | - gd->cname.length, (char *)gd->cname.value, | |
898 | - gd->sec.qop, gd->sec.svc); | |
899 | + gss_log_debug("accepted context for %.*s with " | |
900 | + "<mech {}, qop %d, svc %d>", | |
901 | + gd->cname.length, (char *)gd->cname.value, | |
902 | + gd->sec.qop, gd->sec.svc); | |
903 | #endif | |
904 | #endif /* DEBUG */ | |
905 | seq = htonl(gr->gr_win); | |
906 | @@ -289,7 +289,7 @@ svcauth_gss_validate(struct svc_rpc_gss_data *gd, struct rpc_msg *msg) | |
907 | u_char rpchdr[128]; | |
908 | int32_t *buf; | |
909 | ||
910 | - log_debug("in svcauth_gss_validate()"); | |
911 | + gss_log_debug("in svcauth_gss_validate()"); | |
912 | ||
913 | memset(rpchdr, 0, sizeof(rpchdr)); | |
914 | ||
915 | @@ -326,7 +326,7 @@ svcauth_gss_validate(struct svc_rpc_gss_data *gd, struct rpc_msg *msg) | |
916 | &qop_state); | |
917 | ||
918 | if (maj_stat != GSS_S_COMPLETE) { | |
919 | - log_status("gss_verify_mic", maj_stat, min_stat); | |
920 | + gss_log_status("gss_verify_mic", maj_stat, min_stat); | |
921 | return (FALSE); | |
922 | } | |
923 | return (TRUE); | |
924 | @@ -339,7 +339,7 @@ svcauth_gss_nextverf(struct svc_req *rqst, u_int num) | |
925 | gss_buffer_desc signbuf, checksum; | |
926 | OM_uint32 maj_stat, min_stat; | |
927 | ||
928 | - log_debug("in svcauth_gss_nextverf()"); | |
929 | + gss_log_debug("in svcauth_gss_nextverf()"); | |
930 | ||
931 | if (rqst->rq_xprt->xp_auth == NULL) | |
932 | return (FALSE); | |
933 | @@ -353,7 +353,7 @@ svcauth_gss_nextverf(struct svc_req *rqst, u_int num) | |
934 | &signbuf, &checksum); | |
935 | ||
936 | if (maj_stat != GSS_S_COMPLETE) { | |
937 | - log_status("gss_get_mic", maj_stat, min_stat); | |
938 | + gss_log_status("gss_get_mic", maj_stat, min_stat); | |
939 | return (FALSE); | |
940 | } | |
941 | rqst->rq_xprt->xp_verf.oa_flavor = RPCSEC_GSS; | |
942 | @@ -373,7 +373,7 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) | |
943 | struct rpc_gss_init_res gr; | |
944 | int call_stat, offset; | |
945 | ||
946 | - log_debug("in svcauth_gss()"); | |
947 | + gss_log_debug("in svcauth_gss()"); | |
948 | ||
949 | /* Initialize reply. */ | |
950 | rqst->rq_xprt->xp_verf = _null_auth; | |
951 | @@ -519,7 +519,7 @@ svcauth_gss_destroy(SVCAUTH *auth) | |
952 | struct svc_rpc_gss_data *gd; | |
953 | OM_uint32 min_stat; | |
954 | ||
955 | - log_debug("in svcauth_gss_destroy()"); | |
956 | + gss_log_debug("in svcauth_gss_destroy()"); | |
957 | ||
958 | gd = SVCAUTH_PRIVATE(auth); | |
959 | ||
960 | @@ -540,7 +540,7 @@ svcauth_gss_wrap(SVCAUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr) | |
961 | { | |
962 | struct svc_rpc_gss_data *gd; | |
963 | ||
964 | - log_debug("in svcauth_gss_wrap()"); | |
965 | + gss_log_debug("in svcauth_gss_wrap()"); | |
966 | ||
967 | gd = SVCAUTH_PRIVATE(auth); | |
968 | ||
969 | @@ -557,7 +557,7 @@ svcauth_gss_unwrap(SVCAUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr | |
970 | { | |
971 | struct svc_rpc_gss_data *gd; | |
972 | ||
973 | - log_debug("in svcauth_gss_unwrap()"); | |
974 | + gss_log_debug("in svcauth_gss_unwrap()"); | |
975 | ||
976 | gd = SVCAUTH_PRIVATE(auth); | |
977 | ||
978 | diff --git a/src/svc_auth_unix.c b/src/svc_auth_unix.c | |
979 | index ce83859..9585069 100644 | |
980 | --- a/src/svc_auth_unix.c | |
981 | +++ b/src/svc_auth_unix.c | |
982 | @@ -43,6 +43,8 @@ | |
983 | ||
984 | #include <rpc/rpc.h> | |
985 | ||
986 | +extern SVCAUTH svc_auth_none; | |
987 | + | |
988 | /* | |
989 | * Unix longhand authenticator | |
990 | */ | |
991 | @@ -67,6 +69,8 @@ _svcauth_unix(rqst, msg) | |
992 | assert(rqst != NULL); | |
993 | assert(msg != NULL); | |
994 | ||
995 | + rqst->rq_xprt->xp_auth = &svc_auth_none; | |
996 | + | |
997 | area = (struct area *) rqst->rq_clntcred; | |
998 | aup = &area->area_aup; | |
999 | aup->aup_machname = area->area_machname; | |
1000 | @@ -142,5 +146,6 @@ _svcauth_short(rqst, msg) | |
1001 | struct svc_req *rqst; | |
1002 | struct rpc_msg *msg; | |
1003 | { | |
1004 | + rqst->rq_xprt->xp_auth = &svc_auth_none; | |
1005 | return (AUTH_REJECTEDCRED); | |
1006 | } | |
1007 | diff --git a/src/svc_dg.c b/src/svc_dg.c | |
1008 | index 66a56ee..b1ac462 100644 | |
1009 | --- a/src/svc_dg.c | |
1010 | +++ b/src/svc_dg.c | |
1011 | @@ -134,6 +134,7 @@ svc_dg_create(fd, sendsize, recvsize) | |
1012 | su->su_cache = NULL; | |
1013 | xprt->xp_fd = fd; | |
1014 | xprt->xp_p2 = su; | |
1015 | + xprt->xp_auth = NULL; | |
1016 | xprt->xp_verf.oa_base = su->su_verfbody; | |
1017 | svc_dg_ops(xprt); | |
1018 | xprt->xp_rtaddr.maxlen = sizeof (struct sockaddr_storage); | |
1019 | @@ -234,10 +235,27 @@ svc_dg_reply(xprt, msg) | |
1020 | bool_t stat = FALSE; | |
1021 | size_t slen; | |
1022 | ||
1023 | + xdrproc_t xdr_results; | |
1024 | + caddr_t xdr_location; | |
1025 | + bool_t has_args; | |
1026 | + | |
1027 | + if (msg->rm_reply.rp_stat == MSG_ACCEPTED && | |
1028 | + msg->rm_reply.rp_acpt.ar_stat == SUCCESS) { | |
1029 | + has_args = TRUE; | |
1030 | + xdr_results = msg->acpted_rply.ar_results.proc; | |
1031 | + xdr_location = msg->acpted_rply.ar_results.where; | |
1032 | + | |
1033 | + msg->acpted_rply.ar_results.proc = (xdrproc_t)xdr_void; | |
1034 | + msg->acpted_rply.ar_results.where = NULL; | |
1035 | + } else | |
1036 | + has_args = FALSE; | |
1037 | + | |
1038 | xdrs->x_op = XDR_ENCODE; | |
1039 | XDR_SETPOS(xdrs, 0); | |
1040 | msg->rm_xid = su->su_xid; | |
1041 | - if (xdr_replymsg(xdrs, msg)) { | |
1042 | + if (xdr_replymsg(xdrs, msg) && | |
1043 | + (!has_args || (xprt->xp_auth && | |
1044 | + SVCAUTH_WRAP(xprt->xp_auth, xdrs, xdr_results, xdr_location)))) { | |
1045 | struct msghdr *msg = &su->su_msghdr; | |
1046 | struct iovec iov; | |
1047 | ||
1048 | @@ -264,7 +282,12 @@ svc_dg_getargs(xprt, xdr_args, args_ptr) | |
1049 | xdrproc_t xdr_args; | |
1050 | void *args_ptr; | |
1051 | { | |
1052 | - return (*xdr_args)(&(su_data(xprt)->su_xdrs), args_ptr); | |
1053 | + if (! SVCAUTH_UNWRAP(xprt->xp_auth, &(su_data(xprt)->su_xdrs), | |
1054 | + xdr_args, args_ptr)) { | |
1055 | + (void)svc_freeargs(xprt, xdr_args, args_ptr); | |
1056 | + return FALSE; | |
1057 | + } | |
1058 | + return TRUE; | |
1059 | } | |
1060 | ||
1061 | static bool_t | |
1062 | @@ -288,6 +311,10 @@ svc_dg_destroy(xprt) | |
1063 | xprt_unregister(xprt); | |
1064 | if (xprt->xp_fd != -1) | |
1065 | (void)close(xprt->xp_fd); | |
1066 | + if (xprt->xp_auth != NULL) { | |
1067 | + SVCAUTH_DESTROY(xprt->xp_auth); | |
1068 | + xprt->xp_auth = NULL; | |
1069 | + } | |
1070 | XDR_DESTROY(&(su->su_xdrs)); | |
1071 | (void) mem_free(rpc_buffer(xprt), su->su_iosz); | |
1072 | (void) mem_free(su, sizeof (*su)); | |
1073 | @@ -626,10 +653,11 @@ svc_dg_enable_pktinfo(int fd, const struct __rpc_sockinfo *si) | |
1074 | case AF_INET: | |
1075 | (void) setsockopt(fd, SOL_IP, IP_PKTINFO, &val, sizeof(val)); | |
1076 | break; | |
1077 | - | |
1078 | +#ifdef INET6 | |
1079 | case AF_INET6: | |
1080 | - (void) setsockopt(fd, SOL_IPV6, IPV6_PKTINFO, &val, sizeof(val)); | |
1081 | + (void) setsockopt(fd, SOL_IPV6, IPV6_RECVPKTINFO, &val, sizeof(val)); | |
1082 | break; | |
1083 | +#endif | |
1084 | } | |
1085 | } | |
1086 | ||
1087 | @@ -667,6 +695,7 @@ svc_dg_valid_pktinfo(struct msghdr *msg) | |
1088 | } | |
1089 | break; | |
1090 | ||
1091 | +#ifdef INET6 | |
1092 | case AF_INET6: | |
1093 | if (cmsg->cmsg_level != SOL_IPV6 | |
1094 | || cmsg->cmsg_type != IPV6_PKTINFO | |
1095 | @@ -679,6 +708,7 @@ svc_dg_valid_pktinfo(struct msghdr *msg) | |
1096 | pkti->ipi6_ifindex = 0; | |
1097 | } | |
1098 | break; | |
1099 | +#endif | |
1100 | ||
1101 | default: | |
1102 | return 0; | |
1103 | diff --git a/src/svc_vc.c b/src/svc_vc.c | |
1104 | index aaaf2d7..4c70de8 100644 | |
1105 | --- a/src/svc_vc.c | |
1106 | +++ b/src/svc_vc.c | |
1107 | @@ -172,6 +172,7 @@ svc_vc_create(fd, sendsize, recvsize) | |
1108 | xprt->xp_p1 = r; | |
1109 | xprt->xp_p2 = NULL; | |
1110 | xprt->xp_p3 = NULL; | |
1111 | + xprt->xp_auth = NULL; | |
1112 | xprt->xp_verf = _null_auth; | |
1113 | svc_vc_rendezvous_ops(xprt); | |
1114 | xprt->xp_port = (u_short)-1; /* It is the rendezvouser */ | |
1115 | @@ -283,6 +284,7 @@ makefd_xprt(fd, sendsize, recvsize) | |
1116 | xdrrec_create(&(cd->xdrs), sendsize, recvsize, | |
1117 | xprt, read_vc, write_vc); | |
1118 | xprt->xp_p1 = cd; | |
1119 | + xprt->xp_auth = NULL; | |
1120 | xprt->xp_verf.oa_base = cd->verf_body; | |
1121 | svc_vc_ops(xprt); /* truely deals with calls */ | |
1122 | xprt->xp_port = 0; /* this is a connection, not a rendezvouser */ | |
1123 | @@ -412,6 +414,10 @@ __svc_vc_dodestroy(xprt) | |
1124 | XDR_DESTROY(&(cd->xdrs)); | |
1125 | mem_free(cd, sizeof(struct cf_conn)); | |
1126 | } | |
1127 | + if (xprt->xp_auth != NULL) { | |
1128 | + SVCAUTH_DESTROY(xprt->xp_auth); | |
1129 | + xprt->xp_auth = NULL; | |
1130 | + } | |
1131 | if (xprt->xp_rtaddr.buf) | |
1132 | mem_free(xprt->xp_rtaddr.buf, xprt->xp_rtaddr.maxlen); | |
1133 | if (xprt->xp_ltaddr.buf) | |
1134 | @@ -610,7 +616,11 @@ svc_vc_recv(xprt, msg) | |
1135 | } | |
1136 | ||
1137 | xdrs->x_op = XDR_DECODE; | |
1138 | - (void)xdrrec_skiprecord(xdrs); | |
1139 | + /* | |
1140 | + * No need skip records with nonblocking connections | |
1141 | + */ | |
1142 | + if (cd->nonblock == FALSE) | |
1143 | + (void)xdrrec_skiprecord(xdrs); | |
1144 | if (xdr_callmsg(xdrs, msg)) { | |
1145 | cd->x_id = msg->rm_xid; | |
1146 | return (TRUE); | |
1147 | @@ -628,8 +638,13 @@ svc_vc_getargs(xprt, xdr_args, args_ptr) | |
1148 | ||
1149 | assert(xprt != NULL); | |
1150 | /* args_ptr may be NULL */ | |
1151 | - return ((*xdr_args)(&(((struct cf_conn *)(xprt->xp_p1))->xdrs), | |
1152 | - args_ptr)); | |
1153 | + | |
1154 | + if (! SVCAUTH_UNWRAP(xprt->xp_auth, | |
1155 | + &(((struct cf_conn *)(xprt->xp_p1))->xdrs), | |
1156 | + xdr_args, args_ptr)) { | |
1157 | + return FALSE; | |
1158 | + } | |
1159 | + return TRUE; | |
1160 | } | |
1161 | ||
1162 | static bool_t | |
1163 | @@ -658,15 +673,35 @@ svc_vc_reply(xprt, msg) | |
1164 | XDR *xdrs; | |
1165 | bool_t rstat; | |
1166 | ||
1167 | + xdrproc_t xdr_results; | |
1168 | + caddr_t xdr_location; | |
1169 | + bool_t has_args; | |
1170 | + | |
1171 | assert(xprt != NULL); | |
1172 | assert(msg != NULL); | |
1173 | ||
1174 | cd = (struct cf_conn *)(xprt->xp_p1); | |
1175 | xdrs = &(cd->xdrs); | |
1176 | ||
1177 | + if (msg->rm_reply.rp_stat == MSG_ACCEPTED && | |
1178 | + msg->rm_reply.rp_acpt.ar_stat == SUCCESS) { | |
1179 | + has_args = TRUE; | |
1180 | + xdr_results = msg->acpted_rply.ar_results.proc; | |
1181 | + xdr_location = msg->acpted_rply.ar_results.where; | |
1182 | + | |
1183 | + msg->acpted_rply.ar_results.proc = (xdrproc_t)xdr_void; | |
1184 | + msg->acpted_rply.ar_results.where = NULL; | |
1185 | + } else | |
1186 | + has_args = FALSE; | |
1187 | + | |
1188 | xdrs->x_op = XDR_ENCODE; | |
1189 | msg->rm_xid = cd->x_id; | |
1190 | - rstat = xdr_replymsg(xdrs, msg); | |
1191 | + rstat = FALSE; | |
1192 | + if (xdr_replymsg(xdrs, msg) && | |
1193 | + (!has_args || (xprt->xp_auth && | |
1194 | + SVCAUTH_WRAP(xprt->xp_auth, xdrs, xdr_results, xdr_location)))) { | |
1195 | + rstat = TRUE; | |
1196 | + } | |
1197 | (void)xdrrec_endofrecord(xdrs, TRUE); | |
1198 | return (rstat); | |
1199 | } | |
1200 | diff --git a/src/xdr_rec.c b/src/xdr_rec.c | |
1201 | index 4e815d7..2aca623 100644 | |
1202 | --- a/src/xdr_rec.c | |
1203 | +++ b/src/xdr_rec.c | |
1204 | @@ -64,7 +64,6 @@ | |
1205 | #include <rpc/clnt.h> | |
1206 | #include <stddef.h> | |
1207 | #include "rpc_com.h" | |
1208 | -#include <unistd.h> | |
1209 | static bool_t xdrrec_getlong(XDR *, long *); | |
1210 | static bool_t xdrrec_putlong(XDR *, const long *); | |
1211 | static bool_t xdrrec_getbytes(XDR *, char *, u_int); | |
1212 | @@ -330,22 +329,22 @@ xdrrec_getpos(xdrs) | |
1213 | RECSTREAM *rstrm = (RECSTREAM *)xdrs->x_private; | |
1214 | off_t pos; | |
1215 | ||
1216 | - pos = lseek((int)(u_long)rstrm->tcp_handle, (off_t)0, 1); | |
1217 | - if (pos != -1) | |
1218 | - switch (xdrs->x_op) { | |
1219 | + switch (xdrs->x_op) { | |
1220 | ||
1221 | - case XDR_ENCODE: | |
1222 | - pos += rstrm->out_finger - rstrm->out_base; | |
1223 | - break; | |
1224 | + case XDR_ENCODE: | |
1225 | + pos = rstrm->out_finger - rstrm->out_base | |
1226 | + - BYTES_PER_XDR_UNIT; | |
1227 | + break; | |
1228 | ||
1229 | - case XDR_DECODE: | |
1230 | - pos -= rstrm->in_boundry - rstrm->in_finger; | |
1231 | - break; | |
1232 | + case XDR_DECODE: | |
1233 | + pos = rstrm->in_boundry - rstrm->in_finger | |
1234 | + - BYTES_PER_XDR_UNIT; | |
1235 | + break; | |
1236 | ||
1237 | - default: | |
1238 | - pos = (off_t) -1; | |
1239 | - break; | |
1240 | - } | |
1241 | + default: | |
1242 | + pos = (off_t) -1; | |
1243 | + break; | |
1244 | + } | |
1245 | return ((u_int) pos); | |
1246 | } | |
1247 | ||
1248 | diff --git a/tirpc/rpc/auth.h b/tirpc/rpc/auth.h | |
1249 | index 734e6b9..e7bbe36 100644 | |
1250 | --- a/tirpc/rpc/auth.h | |
1251 | +++ b/tirpc/rpc/auth.h | |
1252 | @@ -51,6 +51,7 @@ | |
1253 | #include <sys/cdefs.h> | |
1254 | #include <sys/socket.h> | |
1255 | #include <sys/types.h> | |
1256 | +#include <stdio.h> | |
1257 | ||
1258 | ||
1259 | #define MAX_AUTH_BYTES 400 | |
1260 | @@ -203,8 +204,22 @@ typedef struct __auth { | |
1261 | ||
1262 | } *ah_ops; | |
1263 | void *ah_private; | |
1264 | + int ah_refcnt; | |
1265 | } AUTH; | |
1266 | ||
1267 | +static __inline int | |
1268 | +auth_get(AUTH *auth) | |
1269 | +{ | |
1270 | + return __sync_add_and_fetch(&auth->ah_refcnt, 1); | |
1271 | +} | |
1272 | + | |
1273 | +static __inline int | |
1274 | +auth_put(AUTH *auth) | |
1275 | +{ | |
1276 | + return __sync_sub_and_fetch(&auth->ah_refcnt, 1); | |
1277 | +} | |
1278 | + | |
1279 | + | |
1280 | ||
1281 | /* | |
1282 | * Authentication ops. | |
1283 | @@ -234,10 +249,29 @@ typedef struct __auth { | |
1284 | #define auth_refresh(auth, msg) \ | |
1285 | ((*((auth)->ah_ops->ah_refresh))(auth, msg)) | |
1286 | ||
1287 | -#define AUTH_DESTROY(auth) \ | |
1288 | - ((*((auth)->ah_ops->ah_destroy))(auth)) | |
1289 | -#define auth_destroy(auth) \ | |
1290 | - ((*((auth)->ah_ops->ah_destroy))(auth)) | |
1291 | +#if defined(__GNUC__) && defined(DEBUG) | |
1292 | +#define auth_log_debug(fmt,args...) printf(stderr, fmt, args) | |
1293 | +#else | |
1294 | +#define auth_log_debug(fmt,args...) | |
1295 | +#endif | |
1296 | + | |
1297 | +#define AUTH_DESTROY(auth) \ | |
1298 | + do { \ | |
1299 | + int refs; \ | |
1300 | + if ((refs = auth_put((auth))) == 0) \ | |
1301 | + ((*((auth)->ah_ops->ah_destroy))(auth));\ | |
1302 | + auth_log_debug("%s: auth_put(), refs %d\n", \ | |
1303 | + __func__, refs); \ | |
1304 | + } while (0) | |
1305 | + | |
1306 | +#define auth_destroy(auth) \ | |
1307 | + do { \ | |
1308 | + int refs; \ | |
1309 | + if ((refs = auth_put((auth))) == 0) \ | |
1310 | + ((*((auth)->ah_ops->ah_destroy))(auth));\ | |
1311 | + auth_log_debug("%s: auth_put(), refs %d\n", \ | |
1312 | + __func__, refs); \ | |
1313 | + } while (0) | |
1314 | ||
1315 | #define AUTH_WRAP(auth, xdrs, xfunc, xwhere) \ | |
1316 | ((*((auth)->ah_ops->ah_wrap))(auth, xdrs, \ | |
1317 | @@ -373,7 +407,7 @@ __END_DECLS | |
1318 | __BEGIN_DECLS | |
1319 | struct svc_req; | |
1320 | struct rpc_msg; | |
1321 | -enum auth_stat _svcauth_null (struct svc_req *, struct rpc_msg *); | |
1322 | +enum auth_stat _svcauth_none (struct svc_req *, struct rpc_msg *); | |
1323 | enum auth_stat _svcauth_short (struct svc_req *, struct rpc_msg *); | |
1324 | enum auth_stat _svcauth_unix (struct svc_req *, struct rpc_msg *); | |
1325 | __END_DECLS | |
1326 | diff --git a/tirpc/rpc/auth_gss.h b/tirpc/rpc/auth_gss.h | |
1327 | index 633b11f..fc3ffbd 100644 | |
1328 | --- a/tirpc/rpc/auth_gss.h | |
1329 | +++ b/tirpc/rpc/auth_gss.h | |
1330 | @@ -120,10 +120,10 @@ bool_t authgss_service __P((AUTH *auth, int svc)); | |
1331 | bool_t authgss_get_private_data __P((AUTH *auth, | |
1332 | struct authgss_private_data *)); | |
1333 | ||
1334 | -void log_debug __P((const char *fmt, ...)); | |
1335 | -void log_status __P((char *m, OM_uint32 major, | |
1336 | +void gss_log_debug __P((const char *fmt, ...)); | |
1337 | +void gss_log_status __P((char *m, OM_uint32 major, | |
1338 | OM_uint32 minor)); | |
1339 | -void log_hexdump __P((const u_char *buf, int len, int offset)); | |
1340 | +void gss_log_hexdump __P((const u_char *buf, int len, int offset)); | |
1341 | ||
1342 | __END_DECLS | |
1343 | ||
1344 | diff --git a/tirpc/rpc/des.h b/tirpc/rpc/des.h | |
1345 | index e3d6897..d2881ad 100644 | |
1346 | --- a/tirpc/rpc/des.h | |
1347 | +++ b/tirpc/rpc/des.h | |
1348 | @@ -33,6 +33,9 @@ | |
1349 | * Copyright (c) 1986 by Sun Microsystems, Inc. | |
1350 | */ | |
1351 | ||
1352 | +#ifndef _RPC_DES_H_ | |
1353 | +#define _RPC_DES_H_ | |
1354 | + | |
1355 | #define DES_MAXLEN 65536 /* maximum # of bytes to encrypt */ | |
1356 | #define DES_QUICKLEN 16 /* maximum # of bytes to encrypt quickly */ | |
1357 | ||
1358 | @@ -80,3 +83,5 @@ struct desparams { | |
1359 | * Software DES. | |
1360 | */ | |
1361 | extern int _des_crypt( char *, int, struct desparams * ); | |
1362 | + | |
1363 | +#endif | |
1364 | diff --git a/tirpc/rpc/svc_auth.h b/tirpc/rpc/svc_auth.h | |
1365 | index 659e90c..14269d1 100644 | |
1366 | --- a/tirpc/rpc/svc_auth.h | |
1367 | +++ b/tirpc/rpc/svc_auth.h | |
1368 | @@ -44,17 +44,23 @@ | |
1369 | /* | |
1370 | * Interface to server-side authentication flavors. | |
1371 | */ | |
1372 | -typedef struct { | |
1373 | +typedef struct SVCAUTH { | |
1374 | struct svc_auth_ops { | |
1375 | - int (*svc_ah_wrap)(void); | |
1376 | - int (*svc_ah_unwrap)(void); | |
1377 | - int (*svc_ah_destroy)(void); | |
1378 | + int (*svc_ah_wrap)(struct SVCAUTH *, XDR *, xdrproc_t, | |
1379 | + caddr_t); | |
1380 | + int (*svc_ah_unwrap)(struct SVCAUTH *, XDR *, xdrproc_t, | |
1381 | + caddr_t); | |
1382 | + int (*svc_ah_destroy)(struct SVCAUTH *); | |
1383 | } *svc_ah_ops; | |
1384 | caddr_t svc_ah_private; | |
1385 | } SVCAUTH; | |
1386 | ||
1387 | -#define SVCAUTH_DESTROY(cred) ((*(cred)->svc_ah_ops->svc_ah_destroy)()) | |
1388 | -#define svcauth_destroy(cred) ((*(cred)->svc_ah_ops->svc_ah_destroy)()) | |
1389 | +#define SVCAUTH_WRAP(auth, xdrs, xfunc, xwhere) \ | |
1390 | + ((*((auth)->svc_ah_ops->svc_ah_wrap))(auth, xdrs, xfunc, xwhere)) | |
1391 | +#define SVCAUTH_UNWRAP(auth, xdrs, xfunc, xwhere) \ | |
1392 | + ((*((auth)->svc_ah_ops->svc_ah_unwrap))(auth, xdrs, xfunc, xwhere)) | |
1393 | +#define SVCAUTH_DESTROY(auth) \ | |
1394 | + ((*((auth)->svc_ah_ops->svc_ah_destroy))(auth)) | |
1395 | ||
1396 | /* | |
1397 | * Server side authenticator |