Gitiles
Code Review Sign In
192.168.1.100 / R306 / 824eb0c6ade808c4501e62fbcf0025f4e694cd11 / . / ap / build / uClibc / libc / inet / rpc / auth_unix.c
blob: 1337214e5db6c49d877c89b30541b2ccf3694f07 [file] [log] [blame]
yuezonghe824eb0c2024-06-27 02:32:26 -0700[diff] [blame^]1/*
2 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
3 * unrestricted use provided that this legend is included on all tape
4 * media and as a part of the software program in whole or part. Users
5 * may copy or modify Sun RPC without charge, but are not authorized
6 * to license or distribute it to anyone else except as part of a product or
7 * program developed by the user.
8 *
9 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
10 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
11 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
12 *
13 * Sun RPC is provided with no support and without any obligation on the
14 * part of Sun Microsystems, Inc. to assist in its use, correction,
15 * modification or enhancement.
16 *
17 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
18 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
19 * OR ANY PART THEREOF.
20 *
21 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
22 * or profits or other special, indirect and consequential damages, even if
23 * Sun has been advised of the possibility of such damages.
24 *
25 * Sun Microsystems, Inc.
26 * 2550 Garcia Avenue
27 * Mountain View, California 94043
28 */
29/*
30 * Copyright (C) 1984, Sun Microsystems, Inc.
31 */
32/*
33 * auth_unix.c, Implements UNIX style authentication parameters.
34 *
35 * The system is very weak. The client uses no encryption for it's
36 * credentials and only sends null verifiers. The server sends backs
37 * null verifiers or optionally a verifier that suggests a new short hand
38 * for the credentials.
39 */
40
41#define __FORCE_GLIBC
42#include <features.h>
43
44#include <limits.h>
45#include <stdio.h>
46#include <string.h>
47#include <unistd.h>
48#include <sys/param.h>
49
50#include <rpc/types.h>
51#include <rpc/xdr.h>
52#include <rpc/auth.h>
53#include <rpc/auth_unix.h>
54
55#ifdef USE_IN_LIBIO
56# include <wchar.h>
57#endif
58
59/*
60 * Unix authenticator operations vector
61 */
62static void authunix_nextverf (AUTH *);
63static bool_t authunix_marshal (AUTH *, XDR *);
64static bool_t authunix_validate (AUTH *, struct opaque_auth *);
65static bool_t authunix_refresh (AUTH *);
66static void authunix_destroy (AUTH *);
67
68static struct auth_ops auth_unix_ops = {
69 authunix_nextverf,
70 authunix_marshal,
71 authunix_validate,
72 authunix_refresh,
73 authunix_destroy
74};
75
76/*
77 * This struct is pointed to by the ah_private field of an auth_handle.
78 */
79struct audata {
80 struct opaque_auth au_origcred; /* original credentials */
81 struct opaque_auth au_shcred; /* short hand cred */
82 u_long au_shfaults; /* short hand cache faults */
83 char au_marshed[MAX_AUTH_BYTES];
84 u_int au_mpos; /* xdr pos at end of marshed */
85};
86#define AUTH_PRIVATE(auth) ((struct audata *)auth->ah_private)
87
88static bool_t marshal_new_auth (AUTH *) internal_function;
89
90
91/*
92 * Create a unix style authenticator.
93 * Returns an auth handle with the given stuff in it.
94 */
95AUTH *
96authunix_create (char *machname, uid_t uid, gid_t gid, int len,
97 gid_t *aup_gids)
98{
99 struct authunix_parms aup;
100 char mymem[MAX_AUTH_BYTES];
101 struct timeval now;
102 XDR xdrs;
103 AUTH *auth;
104 struct audata *au;
105
106 /*
107 * Allocate and set up auth handle
108 */
109 auth = (AUTH *) mem_alloc (sizeof (*auth));
110 au = (struct audata *) mem_alloc (sizeof (*au));
111 if (auth == NULL || au == NULL)
112 {
113no_memory:
114#ifdef USE_IN_LIBIO
115 if (_IO_fwide (stderr, 0) > 0)
116 (void) fwprintf (stderr, L"%s",
117 _("authunix_create: out of memory\n"));
118 else
119#endif
120 (void) fputs (_("authunix_create: out of memory\n"), stderr);
121 mem_free (auth, sizeof (*auth));
122 mem_free (au, sizeof (*au));
123 return NULL;
124 }
125 auth->ah_ops = &auth_unix_ops;
126 auth->ah_private = (caddr_t) au;
127 auth->ah_verf = au->au_shcred = _null_auth;
128 au->au_shfaults = 0;
129
130 /*
131 * fill in param struct from the given params
132 */
133 (void) gettimeofday (&now, (struct timezone *) 0);
134 aup.aup_time = now.tv_sec;
135 aup.aup_machname = machname;
136 aup.aup_uid = uid;
137 aup.aup_gid = gid;
138 aup.aup_len = (u_int) len;
139 aup.aup_gids = aup_gids;
140
141 /*
142 * Serialize the parameters into origcred
143 */
144 xdrmem_create (&xdrs, mymem, MAX_AUTH_BYTES, XDR_ENCODE);
145 if (!xdr_authunix_parms (&xdrs, &aup))
146 abort ();
147 au->au_origcred.oa_length = len = XDR_GETPOS (&xdrs);
148 au->au_origcred.oa_flavor = AUTH_UNIX;
149 au->au_origcred.oa_base = mem_alloc ((u_int) len);
150 if (au->au_origcred.oa_base == NULL)
151 goto no_memory;
152 memcpy(au->au_origcred.oa_base, mymem, (u_int) len);
153
154 /*
155 * set auth handle to reflect new cred.
156 */
157 auth->ah_cred = au->au_origcred;
158 marshal_new_auth (auth);
159 return auth;
160}
161libc_hidden_def(authunix_create)
162
163/*
164 * Returns an auth handle with parameters determined by doing lots of
165 * syscalls.
166 */
167AUTH *
168authunix_create_default (void)
169{
170 int len;
171 char machname[MAX_MACHINE_NAME + 1];
172 uid_t uid;
173 gid_t gid;
174 int max_nr_groups = sysconf (_SC_NGROUPS_MAX);
175 gid_t *gids = NULL;
176 AUTH *ret_auth;
177
178 if (max_nr_groups) {
179 gids = (gid_t*)malloc(sizeof(*gids) * max_nr_groups);
180 if (gids == NULL)
181 abort ();
182 }
183
184 if (gethostname (machname, MAX_MACHINE_NAME) == -1)
185 abort ();
186 machname[MAX_MACHINE_NAME] = 0;
187 uid = geteuid ();
188 gid = getegid ();
189
190 if ((len = getgroups (max_nr_groups, gids)) < 0)
191 abort ();
192 /* This braindamaged Sun code forces us here to truncate the
193 list of groups to NGRPS members since the code in
194 authuxprot.c transforms a fixed array. Grrr. */
195 ret_auth = authunix_create (machname, uid, gid, MIN (NGRPS, len), gids);
196 free (gids);
197 return ret_auth;
198}
199libc_hidden_def(authunix_create_default)
200
201/*
202 * authunix operations
203 */
204
205static void
206authunix_nextverf (AUTH *auth attribute_unused)
207{
208 /* no action necessary */
209}
210
211static bool_t
212authunix_marshal (AUTH *auth, XDR *xdrs)
213{
214 struct audata *au = AUTH_PRIVATE (auth);
215
216 return XDR_PUTBYTES (xdrs, au->au_marshed, au->au_mpos);
217}
218
219static bool_t
220authunix_validate (AUTH *auth, struct opaque_auth *verf)
221{
222 struct audata *au;
223 XDR xdrs;
224
225 if (verf->oa_flavor == AUTH_SHORT)
226 {
227 au = AUTH_PRIVATE (auth);
228 xdrmem_create (&xdrs, verf->oa_base, verf->oa_length,
229 XDR_DECODE);
230
231 if (au->au_shcred.oa_base != NULL)
232 {
233 mem_free (au->au_shcred.oa_base,
234 au->au_shcred.oa_length);
235 au->au_shcred.oa_base = NULL;
236 }
237 if (xdr_opaque_auth (&xdrs, &au->au_shcred))
238 {
239 auth->ah_cred = au->au_shcred;
240 }
241 else
242 {
243 xdrs.x_op = XDR_FREE;
244 (void) xdr_opaque_auth (&xdrs, &au->au_shcred);
245 au->au_shcred.oa_base = NULL;
246 auth->ah_cred = au->au_origcred;
247 }
248 marshal_new_auth (auth);
249 }
250 return TRUE;
251}
252
253static bool_t
254authunix_refresh (AUTH *auth)
255{
256 struct audata *au = AUTH_PRIVATE (auth);
257 struct authunix_parms aup;
258 struct timeval now;
259 XDR xdrs;
260 int stat;
261
262 if (auth->ah_cred.oa_base == au->au_origcred.oa_base)
263 {
264 /* there is no hope. Punt */
265 return FALSE;
266 }
267 au->au_shfaults++;
268
269 /* first deserialize the creds back into a struct authunix_parms */
270 aup.aup_machname = NULL;
271 aup.aup_gids = (gid_t *) NULL;
272 xdrmem_create (&xdrs, au->au_origcred.oa_base,
273 au->au_origcred.oa_length, XDR_DECODE);
274 stat = xdr_authunix_parms (&xdrs, &aup);
275 if (!stat)
276 goto done;
277
278 /* update the time and serialize in place */
279 (void) gettimeofday (&now, (struct timezone *) 0);
280 aup.aup_time = now.tv_sec;
281 xdrs.x_op = XDR_ENCODE;
282 XDR_SETPOS (&xdrs, 0);
283 stat = xdr_authunix_parms (&xdrs, &aup);
284 if (!stat)
285 goto done;
286 auth->ah_cred = au->au_origcred;
287 marshal_new_auth (auth);
288done:
289 /* free the struct authunix_parms created by deserializing */
290 xdrs.x_op = XDR_FREE;
291 (void) xdr_authunix_parms (&xdrs, &aup);
292 XDR_DESTROY (&xdrs);
293 return stat;
294}
295
296static void
297authunix_destroy (AUTH *auth)
298{
299 struct audata *au = AUTH_PRIVATE (auth);
300
301 mem_free (au->au_origcred.oa_base, au->au_origcred.oa_length);
302
303 if (au->au_shcred.oa_base != NULL)
304 mem_free (au->au_shcred.oa_base, au->au_shcred.oa_length);
305
306 mem_free (auth->ah_private, sizeof (struct audata));
307
308 if (auth->ah_verf.oa_base != NULL)
309 mem_free (auth->ah_verf.oa_base, auth->ah_verf.oa_length);
310
311 mem_free ((caddr_t) auth, sizeof (*auth));
312}
313
314/*
315 * Marshals (pre-serializes) an auth struct.
316 * sets private data, au_marshed and au_mpos
317 */
318static bool_t
319internal_function
320marshal_new_auth (AUTH *auth)
321{
322 XDR xdr_stream;
323 XDR *xdrs = &xdr_stream;
324 struct audata *au = AUTH_PRIVATE (auth);
325
326 xdrmem_create (xdrs, au->au_marshed, MAX_AUTH_BYTES, XDR_ENCODE);
327 if ((!xdr_opaque_auth (xdrs, &(auth->ah_cred))) ||
328 (!xdr_opaque_auth (xdrs, &(auth->ah_verf))))
329 perror (_("auth_none.c - Fatal marshalling problem"));
330 else
331 au->au_mpos = XDR_GETPOS (xdrs);
332
333 XDR_DESTROY (xdrs);
334
335 return TRUE;
336}