search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
libutil: add O_NOCTTY back to old pty open code
[minix.git] / lib / libc / rpc / auth_unix.c
blob8792eb32ccf3f4d2e1ddebc020fd4a4c206dffc7
1 /* $NetBSD: auth_unix.c,v 1.22 2009/01/11 02:46:29 christos Exp $ */
2
3 /*
4 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
5 * unrestricted use provided that this legend is included on all tape
6 * media and as a part of the software program in whole or part. Users
7 * may copy or modify Sun RPC without charge, but are not authorized
8 * to license or distribute it to anyone else except as part of a product or
9 * program developed by the user.
10 *
11 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
12 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
13 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
14 *
15 * Sun RPC is provided with no support and without any obligation on the
16 * part of Sun Microsystems, Inc. to assist in its use, correction,
17 * modification or enhancement.
18 *
19 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
20 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
21 * OR ANY PART THEREOF.
22 *
23 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
24 * or profits or other special, indirect and consequential damages, even if
25 * Sun has been advised of the possibility of such damages.
26 *
27 * Sun Microsystems, Inc.
28 * 2550 Garcia Avenue
29 * Mountain View, California 94043
30 */
31
32 #include <sys/cdefs.h>
33 #if defined(LIBC_SCCS) && !defined(lint)
34 #if 0
35 static char *sccsid = "@(#)auth_unix.c 1.19 87/08/11 Copyr 1984 Sun Micro";
36 static char *sccsid = "@(#)auth_unix.c 2.2 88/08/01 4.0 RPCSRC";
37 #else
38 __RCSID("$NetBSD: auth_unix.c,v 1.22 2009/01/11 02:46:29 christos Exp $");
39 #endif
40 #endif
41
42 /*
43 * auth_unix.c, Implements UNIX style authentication parameters.
44 *
45 * Copyright (C) 1984, Sun Microsystems, Inc.
46 *
47 * The system is very weak. The client uses no encryption for it's
48 * credentials and only sends null verifiers. The server sends backs
49 * null verifiers or optionally a verifier that suggests a new short hand
50 * for the credentials.
51 *
52 */
53
54 #include "namespace.h"
55 #include "reentrant.h"
56 #include <sys/param.h>
57
58 #include <assert.h>
59 #include <err.h>
60 #include <stdio.h>
61 #include <stdlib.h>
62 #include <string.h>
63 #include <unistd.h>
64
65 #include <rpc/types.h>
66 #include <rpc/xdr.h>
67 #include <rpc/auth.h>
68 #include <rpc/auth_unix.h>
69
70 #ifdef __weak_alias
71 __weak_alias(authunix_create,_authunix_create)
72 __weak_alias(authunix_create_default,_authunix_create_default)
73 #endif
74
75
76 /* auth_unix.c */
77 static void authunix_nextverf __P((AUTH *));
78 static bool_t authunix_marshal __P((AUTH *, XDR *));
79 static bool_t authunix_validate __P((AUTH *, struct opaque_auth *));
80 static bool_t authunix_refresh __P((AUTH *));
81 static void authunix_destroy __P((AUTH *));
82 static void marshal_new_auth __P((AUTH *));
83 static const struct auth_ops *authunix_ops __P((void));
84
85 /*
86 * This struct is pointed to by the ah_private field of an auth_handle.
87 */
88 struct audata {
89 struct opaque_auth au_origcred; /* original credentials */
90 struct opaque_auth au_shcred; /* short hand cred */
91 u_long au_shfaults; /* short hand cache faults */
92 char au_marshed[MAX_AUTH_BYTES];
93 u_int au_mpos; /* xdr pos at end of marshed */
94 };
95 #define AUTH_PRIVATE(auth) ((struct audata *)auth->ah_private)
96
97 /*
98 * Create a unix style authenticator.
99 * Returns an auth handle with the given stuff in it.
100 */
101 AUTH *
102 authunix_create(machname, uid, gid, len, aup_gids)
103 char *machname;
104 int uid;
105 int gid;
106 int len;
107 int *aup_gids;
108 {
109 struct authunix_parms aup;
110 char mymem[MAX_AUTH_BYTES];
111 struct timeval now;
112 XDR xdrs;
113 AUTH *auth;
114 struct audata *au;
115
116 /*
117 * Allocate and set up auth handle
118 */
119 au = NULL;
120 auth = mem_alloc(sizeof(*auth));
121 #ifndef KERNEL
122 if (auth == NULL) {
123 warnx("authunix_create: out of memory");
124 goto cleanup_authunix_create;
125 }
126 #endif
127 au = mem_alloc(sizeof(*au));
128 #ifndef KERNEL
129 if (au == NULL) {
130 warnx("authunix_create: out of memory");
131 goto cleanup_authunix_create;
132 }
133 #endif
134 auth->ah_ops = authunix_ops();
135 auth->ah_private = au;
136 auth->ah_verf = au->au_shcred = _null_auth;
137 au->au_shfaults = 0;
138 au->au_origcred.oa_base = NULL;
139
140 /*
141 * fill in param struct from the given params
142 */
143 (void)gettimeofday(&now, NULL);
144 aup.aup_time = (u_long)now.tv_sec; /* XXX: truncate on 32 bit */
145 aup.aup_machname = machname;
146 aup.aup_uid = uid;
147 aup.aup_gid = gid;
148 aup.aup_len = (u_int)len;
149 aup.aup_gids = aup_gids;
150
151 /*
152 * Serialize the parameters into origcred
153 */
154 xdrmem_create(&xdrs, mymem, MAX_AUTH_BYTES, XDR_ENCODE);
155 if (! xdr_authunix_parms(&xdrs, &aup))
156 abort();
157 au->au_origcred.oa_length = len = XDR_GETPOS(&xdrs);
158 au->au_origcred.oa_flavor = AUTH_UNIX;
159 #ifdef KERNEL
160 au->au_origcred.oa_base = mem_alloc((size_t)len);
161 #else
162 if ((au->au_origcred.oa_base = mem_alloc((size_t)len)) == NULL) {
163 warnx("authunix_create: out of memory");
164 goto cleanup_authunix_create;
165 }
166 #endif
167 memmove(au->au_origcred.oa_base, mymem, (size_t)len);
168
169 /*
170 * set auth handle to reflect new cred.
171 */
172 auth->ah_cred = au->au_origcred;
173 marshal_new_auth(auth);
174 return (auth);
175 #ifndef KERNEL
176 cleanup_authunix_create:
177 if (auth)
178 mem_free(auth, sizeof(*auth));
179 if (au) {
180 if (au->au_origcred.oa_base)
181 mem_free(au->au_origcred.oa_base, (u_int)len);
182 mem_free(au, sizeof(*au));
183 }
184 return (NULL);
185 #endif
186 }
187
188 /*
189 * Returns an auth handle with parameters determined by doing lots of
190 * syscalls.
191 */
192 AUTH *
193 authunix_create_default()
194 {
195 int len;
196 char machname[MAXHOSTNAMELEN + 1];
197 uid_t uid;
198 gid_t gid;
199 gid_t gids[NGRPS];
200
201 if (gethostname(machname, sizeof machname) == -1)
202 abort();
203 machname[sizeof(machname) - 1] = 0;
204 uid = geteuid();
205 gid = getegid();
206 if ((len = getgroups(NGRPS, gids)) < 0)
207 abort();
208 /* XXX: interface problem; those should all have been unsigned */
209 return (authunix_create(machname, (int)uid, (int)gid, len,
210 (int *)gids));
211 }
212
213 /*
214 * authunix operations
215 */
216
217 /* ARGSUSED */
218 static void
219 authunix_nextverf(auth)
220 AUTH *auth;
221 {
222 /* no action necessary */
223 }
224
225 static bool_t
226 authunix_marshal(auth, xdrs)
227 AUTH *auth;
228 XDR *xdrs;
229 {
230 struct audata *au;
231
232 _DIAGASSERT(auth != NULL);
233 _DIAGASSERT(xdrs != NULL);
234
235 au = AUTH_PRIVATE(auth);
236 return (XDR_PUTBYTES(xdrs, au->au_marshed, au->au_mpos));
237 }
238
239 static bool_t
240 authunix_validate(auth, verf)
241 AUTH *auth;
242 struct opaque_auth *verf;
243 {
244 struct audata *au;
245 XDR xdrs;
246
247 _DIAGASSERT(auth != NULL);
248 _DIAGASSERT(verf != NULL);
249
250 if (verf->oa_flavor == AUTH_SHORT) {
251 au = AUTH_PRIVATE(auth);
252 xdrmem_create(&xdrs, verf->oa_base, verf->oa_length,
253 XDR_DECODE);
254
255 if (au->au_shcred.oa_base != NULL) {
256 mem_free(au->au_shcred.oa_base,
257 au->au_shcred.oa_length);
258 au->au_shcred.oa_base = NULL;
259 }
260 if (xdr_opaque_auth(&xdrs, &au->au_shcred)) {
261 auth->ah_cred = au->au_shcred;
262 } else {
263 xdrs.x_op = XDR_FREE;
264 (void)xdr_opaque_auth(&xdrs, &au->au_shcred);
265 au->au_shcred.oa_base = NULL;
266 auth->ah_cred = au->au_origcred;
267 }
268 marshal_new_auth(auth);
269 }
270 return (TRUE);
271 }
272
273 static bool_t
274 authunix_refresh(auth)
275 AUTH *auth;
276 {
277 struct audata *au = AUTH_PRIVATE(auth);
278 struct authunix_parms aup;
279 struct timeval now;
280 XDR xdrs;
281 int stat;
282
283 _DIAGASSERT(auth != NULL);
284
285 if (auth->ah_cred.oa_base == au->au_origcred.oa_base) {
286 /* there is no hope. Punt */
287 return (FALSE);
288 }
289 au->au_shfaults++;
290
291 /* first deserialize the creds back into a struct authunix_parms */
292 aup.aup_machname = NULL;
293 aup.aup_gids = NULL;
294 xdrmem_create(&xdrs, au->au_origcred.oa_base,
295 au->au_origcred.oa_length, XDR_DECODE);
296 stat = xdr_authunix_parms(&xdrs, &aup);
297 if (! stat)
298 goto done;
299
300 /* update the time and serialize in place */
301 (void)gettimeofday(&now, NULL);
302 aup.aup_time = (u_long)now.tv_sec; /* XXX: truncate on 32 bit */
303 xdrs.x_op = XDR_ENCODE;
304 XDR_SETPOS(&xdrs, 0);
305 stat = xdr_authunix_parms(&xdrs, &aup);
306 if (! stat)
307 goto done;
308 auth->ah_cred = au->au_origcred;
309 marshal_new_auth(auth);
310 done:
311 /* free the struct authunix_parms created by deserializing */
312 xdrs.x_op = XDR_FREE;
313 (void)xdr_authunix_parms(&xdrs, &aup);
314 XDR_DESTROY(&xdrs);
315 return (stat);
316 }
317
318 static void
319 authunix_destroy(auth)
320 AUTH *auth;
321 {
322 struct audata *au;
323
324 _DIAGASSERT(auth != NULL);
325
326 au = AUTH_PRIVATE(auth);
327 mem_free(au->au_origcred.oa_base, au->au_origcred.oa_length);
328
329 if (au->au_shcred.oa_base != NULL)
330 mem_free(au->au_shcred.oa_base, au->au_shcred.oa_length);
331
332 mem_free(auth->ah_private, sizeof(struct audata));
333
334 if (auth->ah_verf.oa_base != NULL)
335 mem_free(auth->ah_verf.oa_base, auth->ah_verf.oa_length);
336
337 mem_free(auth, sizeof(*auth));
338 }
339
340 /*
341 * Marshals (pre-serializes) an auth struct.
342 * sets private data, au_marshed and au_mpos
343 */
344 static void
345 marshal_new_auth(auth)
346 AUTH *auth;
347 {
348 XDR xdr_stream;
349 XDR *xdrs = &xdr_stream;
350 struct audata *au;
351
352 _DIAGASSERT(auth != NULL);
353
354 au = AUTH_PRIVATE(auth);
355 xdrmem_create(xdrs, au->au_marshed, MAX_AUTH_BYTES, XDR_ENCODE);
356 if ((! xdr_opaque_auth(xdrs, &(auth->ah_cred))) ||
357 (! xdr_opaque_auth(xdrs, &(auth->ah_verf))))
358 warnx("auth_none.c - Fatal marshalling problem");
359 else
360 au->au_mpos = XDR_GETPOS(xdrs);
361 XDR_DESTROY(xdrs);
362 }
363
364 static const struct auth_ops *
365 authunix_ops()
366 {
367 static struct auth_ops ops;
368 #ifdef _REENTRANT
369 extern mutex_t ops_lock;
370 #endif
371
372 /* VARIABLES PROTECTED BY ops_lock: ops */
373
374 mutex_lock(&ops_lock);
375 if (ops.ah_nextverf == NULL) {
376 ops.ah_nextverf = authunix_nextverf;
377 ops.ah_marshal = authunix_marshal;
378 ops.ah_validate = authunix_validate;
379 ops.ah_refresh = authunix_refresh;
380 ops.ah_destroy = authunix_destroy;
381 }
382 mutex_unlock(&ops_lock);
383 return (&ops);
384 }
MINIX 3 (repo.or.cz mirror)