The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/rpc/svc_auth_unix.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * SPDX-License-Identifier: BSD-3-Clause
    3  *
    4  * Copyright (c) 2009, Sun Microsystems, Inc.
    5  * All rights reserved.
    6  *
    7  * Redistribution and use in source and binary forms, with or without 
    8  * modification, are permitted provided that the following conditions are met:
    9  * - Redistributions of source code must retain the above copyright notice, 
   10  *   this list of conditions and the following disclaimer.
   11  * - Redistributions in binary form must reproduce the above copyright notice, 
   12  *   this list of conditions and the following disclaimer in the documentation 
   13  *   and/or other materials provided with the distribution.
   14  * - Neither the name of Sun Microsystems, Inc. nor the names of its 
   15  *   contributors may be used to endorse or promote products derived 
   16  *   from this software without specific prior written permission.
   17  * 
   18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
   19  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
   20  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
   21  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 
   22  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
   23  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 
   24  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 
   25  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 
   26  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
   27  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
   28  * POSSIBILITY OF SUCH DAMAGE.
   29  */
   30 
   31 #if defined(LIBC_SCCS) && !defined(lint)
   32 static char *sccsid2 = "@(#)svc_auth_unix.c 1.28 88/02/08 Copyr 1984 Sun Micro";
   33 static char *sccsid = "@(#)svc_auth_unix.c      2.3 88/08/01 4.0 RPCSRC";
   34 #endif
   35 #include <sys/cdefs.h>
   36 __FBSDID("$FreeBSD: releng/12.0/sys/rpc/svc_auth_unix.c 326023 2017-11-20 19:43:44Z pfg $");
   37 
   38 /*
   39  * svc_auth_unix.c
   40  * Handles UNIX flavor authentication parameters on the service side of rpc.
   41  * There are two svc auth implementations here: AUTH_UNIX and AUTH_SHORT.
   42  * _svcauth_unix does full blown unix style uid,gid+gids auth,
   43  * _svcauth_short uses a shorthand auth to index into a cache of longhand auths.
   44  * Note: the shorthand has been gutted for efficiency.
   45  *
   46  * Copyright (C) 1984, Sun Microsystems, Inc.
   47  */
   48 
   49 #include <sys/param.h>
   50 #include <sys/lock.h>
   51 #include <sys/mutex.h>
   52 #include <sys/systm.h>
   53 #include <sys/ucred.h>
   54 
   55 #include <rpc/rpc.h>
   56 
   57 #include <rpc/rpc_com.h>
   58 
   59 #define MAX_MACHINE_NAME        255
   60 #define NGRPS                   16
   61 
   62 /*
   63  * Unix longhand authenticator
   64  */
   65 enum auth_stat
   66 _svcauth_unix(struct svc_req *rqst, struct rpc_msg *msg)
   67 {
   68         enum auth_stat stat;
   69         XDR xdrs;
   70         int32_t *buf;
   71         uint32_t time;
   72         struct xucred *xcr;
   73         u_int auth_len;
   74         size_t str_len, gid_len;
   75         u_int i;
   76 
   77         xcr = rqst->rq_clntcred;
   78         auth_len = (u_int)msg->rm_call.cb_cred.oa_length;
   79         xdrmem_create(&xdrs, msg->rm_call.cb_cred.oa_base, auth_len,
   80             XDR_DECODE);
   81         buf = XDR_INLINE(&xdrs, auth_len);
   82         if (buf != NULL) {
   83                 time = IXDR_GET_UINT32(buf);
   84                 str_len = (size_t)IXDR_GET_UINT32(buf);
   85                 if (str_len > MAX_MACHINE_NAME) {
   86                         stat = AUTH_BADCRED;
   87                         goto done;
   88                 }
   89                 str_len = RNDUP(str_len);
   90                 buf += str_len / sizeof (int32_t);
   91                 xcr->cr_uid = IXDR_GET_UINT32(buf);
   92                 xcr->cr_groups[0] = IXDR_GET_UINT32(buf);
   93                 gid_len = (size_t)IXDR_GET_UINT32(buf);
   94                 if (gid_len > NGRPS) {
   95                         stat = AUTH_BADCRED;
   96                         goto done;
   97                 }
   98                 for (i = 0; i < gid_len; i++) {
   99                         if (i + 1 < XU_NGROUPS)
  100                                 xcr->cr_groups[i + 1] = IXDR_GET_INT32(buf);
  101                         else
  102                                 buf++;
  103                 }
  104                 if (gid_len + 1 > XU_NGROUPS)
  105                         xcr->cr_ngroups = XU_NGROUPS;
  106                 else
  107                         xcr->cr_ngroups = gid_len + 1;
  108 
  109                 /*
  110                  * five is the smallest unix credentials structure -
  111                  * timestamp, hostname len (0), uid, gid, and gids len (0).
  112                  */
  113                 if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len) {
  114                         (void) printf("bad auth_len gid %ld str %ld auth %u\n",
  115                             (long)gid_len, (long)str_len, auth_len);
  116                         stat = AUTH_BADCRED;
  117                         goto done;
  118                 }
  119         } else if (! xdr_authunix_parms(&xdrs, &time, xcr)) {
  120                 stat = AUTH_BADCRED;
  121                 goto done;
  122         }
  123 
  124         rqst->rq_verf = _null_auth;
  125         stat = AUTH_OK;
  126 done:
  127         XDR_DESTROY(&xdrs);
  128 
  129         return (stat);
  130 }
  131 
  132 
  133 /*
  134  * Shorthand unix authenticator
  135  * Looks up longhand in a cache.
  136  */
  137 /*ARGSUSED*/
  138 enum auth_stat 
  139 _svcauth_short(rqst, msg)
  140         struct svc_req *rqst;
  141         struct rpc_msg *msg;
  142 {
  143         return (AUTH_REJECTEDCRED);
  144 }

Cache object: 555119d48813ee1bde4ee7541b17a4ae


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.