]>
git.ipfire.org Git - thirdparty/glibc.git/blob - sunrpc/auth_unix.c
1 /* @(#)auth_unix.c 2.2 88/08/01 4.0 RPCSRC */
3 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
4 * unrestricted use provided that this legend is included on all tape
5 * media and as a part of the software program in whole or part. Users
6 * may copy or modify Sun RPC without charge, but are not authorized
7 * to license or distribute it to anyone else except as part of a product or
8 * program developed by the user.
10 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
11 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
12 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
14 * Sun RPC is provided with no support and without any obligation on the
15 * part of Sun Microsystems, Inc. to assist in its use, correction,
16 * modification or enhancement.
18 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
19 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
20 * OR ANY PART THEREOF.
22 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
23 * or profits or other special, indirect and consequential damages, even if
24 * Sun has been advised of the possibility of such damages.
26 * Sun Microsystems, Inc.
28 * Mountain View, California 94043
30 #if !defined(lint) && defined(SCCSIDS)
31 static char sccsid
[] = "@(#)auth_unix.c 1.19 87/08/11 Copyr 1984 Sun Micro";
35 * auth_unix.c, Implements UNIX style authentication parameters.
37 * Copyright (C) 1984, Sun Microsystems, Inc.
39 * The system is very weak. The client uses no encryption for it's
40 * credentials and only sends null verifiers. The server sends backs
41 * null verifiers or optionally a verifier that suggests a new short hand
42 * for the credentials.
50 #include <sys/param.h>
52 #include <rpc/types.h>
55 #include <rpc/auth_unix.h>
57 extern bool_t
xdr_opaque_auth (XDR
*, struct opaque_auth
*);
60 * Unix authenticator operations vector
62 static void authunix_nextverf (AUTH
*);
63 static bool_t
authunix_marshal (AUTH
*, XDR
*);
64 static bool_t
authunix_validate (AUTH
*, struct opaque_auth
*);
65 static bool_t
authunix_refresh (AUTH
*);
66 static void authunix_destroy (AUTH
*);
68 static struct auth_ops auth_unix_ops
=
78 * This struct is pointed to by the ah_private field of an auth_handle.
82 struct opaque_auth au_origcred
; /* original credentials */
83 struct opaque_auth au_shcred
; /* short hand cred */
84 u_long au_shfaults
; /* short hand cache faults */
85 char au_marshed
[MAX_AUTH_BYTES
];
86 u_int au_mpos
; /* xdr pos at end of marshed */
88 #define AUTH_PRIVATE(auth) ((struct audata *)auth->ah_private)
90 static bool_t
marshal_new_auth (AUTH
*);
94 * Create a unix style authenticator.
95 * Returns an auth handle with the given stuff in it.
98 authunix_create (machname
, uid
, gid
, len
, aup_gids
)
105 struct authunix_parms aup
;
106 char mymem
[MAX_AUTH_BYTES
];
113 * Allocate and set up auth handle
115 auth
= (AUTH
*) mem_alloc (sizeof (*auth
));
118 (void) fprintf (stderr
, _("authunix_create: out of memory\n"));
121 au
= (struct audata
*) mem_alloc (sizeof (*au
));
124 (void) fprintf (stderr
, _("authunix_create: out of memory\n"));
127 auth
->ah_ops
= &auth_unix_ops
;
128 auth
->ah_private
= (caddr_t
) au
;
129 auth
->ah_verf
= au
->au_shcred
= _null_auth
;
133 * fill in param struct from the given params
135 (void) gettimeofday (&now
, (struct timezone
*) 0);
136 aup
.aup_time
= now
.tv_sec
;
137 aup
.aup_machname
= machname
;
140 aup
.aup_len
= (u_int
) len
;
141 aup
.aup_gids
= aup_gids
;
144 * Serialize the parameters into origcred
146 xdrmem_create (&xdrs
, mymem
, MAX_AUTH_BYTES
, XDR_ENCODE
);
147 if (!xdr_authunix_parms (&xdrs
, &aup
))
149 au
->au_origcred
.oa_length
= len
= XDR_GETPOS (&xdrs
);
150 au
->au_origcred
.oa_flavor
= AUTH_UNIX
;
151 if ((au
->au_origcred
.oa_base
= mem_alloc ((u_int
) len
)) == NULL
)
153 (void) fprintf (stderr
, _("authunix_create: out of memory\n"));
156 bcopy (mymem
, au
->au_origcred
.oa_base
, (u_int
) len
);
159 * set auth handle to reflect new cred.
161 auth
->ah_cred
= au
->au_origcred
;
162 marshal_new_auth (auth
);
167 * Returns an auth handle with parameters determined by doing lots of
171 authunix_create_default (void)
174 char machname
[MAX_MACHINE_NAME
+ 1];
177 int max_nr_groups
= sysconf (_SC_NGROUPS_MAX
);
178 gid_t gids
[max_nr_groups
];
180 if (gethostname (machname
, MAX_MACHINE_NAME
) == -1)
182 machname
[MAX_MACHINE_NAME
] = 0;
186 if ((len
= getgroups (max_nr_groups
, gids
)) < 0)
188 /* This braindamaged Sun code forces us here to truncate the
189 list of groups to NGRPS members since the code in
190 authuxprot.c transforms a fixed array. Grrr. */
191 return authunix_create (machname
, uid
, gid
, MIN (NGRPS
, len
), gids
);
195 * authunix operations
199 authunix_nextverf (AUTH
*auth
)
201 /* no action necessary */
205 authunix_marshal (AUTH
*auth
, XDR
*xdrs
)
207 struct audata
*au
= AUTH_PRIVATE (auth
);
209 return XDR_PUTBYTES (xdrs
, au
->au_marshed
, au
->au_mpos
);
213 authunix_validate (AUTH
*auth
, struct opaque_auth
*verf
)
218 if (verf
->oa_flavor
== AUTH_SHORT
)
220 au
= AUTH_PRIVATE (auth
);
221 xdrmem_create (&xdrs
, verf
->oa_base
, verf
->oa_length
,
224 if (au
->au_shcred
.oa_base
!= NULL
)
226 mem_free (au
->au_shcred
.oa_base
,
227 au
->au_shcred
.oa_length
);
228 au
->au_shcred
.oa_base
= NULL
;
230 if (xdr_opaque_auth (&xdrs
, &au
->au_shcred
))
232 auth
->ah_cred
= au
->au_shcred
;
236 xdrs
.x_op
= XDR_FREE
;
237 (void) xdr_opaque_auth (&xdrs
, &au
->au_shcred
);
238 au
->au_shcred
.oa_base
= NULL
;
239 auth
->ah_cred
= au
->au_origcred
;
241 marshal_new_auth (auth
);
247 authunix_refresh (AUTH
*auth
)
249 struct audata
*au
= AUTH_PRIVATE (auth
);
250 struct authunix_parms aup
;
255 if (auth
->ah_cred
.oa_base
== au
->au_origcred
.oa_base
)
257 /* there is no hope. Punt */
262 /* first deserialize the creds back into a struct authunix_parms */
263 aup
.aup_machname
= NULL
;
264 aup
.aup_gids
= (gid_t
*) NULL
;
265 xdrmem_create (&xdrs
, au
->au_origcred
.oa_base
,
266 au
->au_origcred
.oa_length
, XDR_DECODE
);
267 stat
= xdr_authunix_parms (&xdrs
, &aup
);
271 /* update the time and serialize in place */
272 (void) gettimeofday (&now
, (struct timezone
*) 0);
273 aup
.aup_time
= now
.tv_sec
;
274 xdrs
.x_op
= XDR_ENCODE
;
275 XDR_SETPOS (&xdrs
, 0);
276 stat
= xdr_authunix_parms (&xdrs
, &aup
);
279 auth
->ah_cred
= au
->au_origcred
;
280 marshal_new_auth (auth
);
282 /* free the struct authunix_parms created by deserializing */
283 xdrs
.x_op
= XDR_FREE
;
284 (void) xdr_authunix_parms (&xdrs
, &aup
);
290 authunix_destroy (AUTH
*auth
)
292 struct audata
*au
= AUTH_PRIVATE (auth
);
294 mem_free (au
->au_origcred
.oa_base
, au
->au_origcred
.oa_length
);
296 if (au
->au_shcred
.oa_base
!= NULL
)
297 mem_free (au
->au_shcred
.oa_base
, au
->au_shcred
.oa_length
);
299 mem_free (auth
->ah_private
, sizeof (struct audata
));
301 if (auth
->ah_verf
.oa_base
!= NULL
)
302 mem_free (auth
->ah_verf
.oa_base
, auth
->ah_verf
.oa_length
);
304 mem_free ((caddr_t
) auth
, sizeof (*auth
));
308 * Marshals (pre-serializes) an auth struct.
309 * sets private data, au_marshed and au_mpos
312 marshal_new_auth (AUTH
*auth
)
315 XDR
*xdrs
= &xdr_stream
;
316 struct audata
*au
= AUTH_PRIVATE (auth
);
318 xdrmem_create (xdrs
, au
->au_marshed
, MAX_AUTH_BYTES
, XDR_ENCODE
);
319 if ((!xdr_opaque_auth (xdrs
, &(auth
->ah_cred
))) ||
320 (!xdr_opaque_auth (xdrs
, &(auth
->ah_verf
))))
322 perror (_("auth_none.c - Fatal marshalling problem"));
326 au
->au_mpos
= XDR_GETPOS (xdrs
);