usr/src/uts/common/gssapi/gssd_handle.c

   1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License, Version 1.0 only
   6  * (the "License").  You may not use this file except in compliance
   7  * with the License.
   8  *
   9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  10  * or http://www.opensolaris.org/os/licensing.
  11  * See the License for the specific language governing permissions
  12  * and limitations under the License.
  13  *
  14  * When distributing Covered Code, include this CDDL HEADER in each
  15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  16  * If applicable, add the following below this CDDL HEADER, with the
  17  * fields enclosed by brackets "[]" replaced with your own identifying
  18  * information: Portions Copyright [yyyy] [name of copyright owner]
  19  *
  20  * CDDL HEADER END
  21  */
  22
  23 /*
  24  * Copyright 2015 Nexenta Systems, Inc.  All rights reserved.
  25  */
  26
  27 /*
  28  * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
  29  * Use is subject to license terms.
  30  */
  31
  32 /*
  33  *  Kernel code to obtain client handle to gssd server
  34  */
  35
  36 #include <sys/types.h>
  37 #include <gssapi/gssapi.h>
  38 #include <gssapi/gssd_prot.h>
  39 #include <gssapi/kgssapi_defs.h>
  40
  41 #include <sys/systm.h>
  42 #include <sys/vnode.h>
  43 #include <sys/uio.h>
  44 #include <sys/pathname.h>
  45
  46 #define GSSD_RETRY 5
  47
  48 kmutex_t        gssrpcb_lock;
  49 zone_key_t      gss_zone_key;
  50
  51 struct gss_globals {
  52         enum clnt_stat          gss_last_stat;
  53         struct netbuf           gss_netaddr;
  54         struct knetconfig       gss_config;
  55 };
  56
  57 /* ARGSUSED */
  58 void *
  59 gss_zone_init(zoneid_t zoneid)
  60 {
  61         struct gss_globals *gssg;
  62
  63         gssg = kmem_zalloc(sizeof (*gssg), KM_SLEEP);
  64         return (gssg);
  65 }
  66
  67 /* ARGSUSED */
  68 void
  69 gss_zone_fini(zoneid_t zoneid, void *data)
  70 {
  71         struct gss_globals *gssg = data;
  72         struct netbuf *netaddrp = &gssg->gss_netaddr;
  73
  74         if (netaddrp->len != 0)
  75                 kmem_free(netaddrp->buf, netaddrp->maxlen);
  76         kmem_free(gssg, sizeof (*gssg));
  77 }
  78
  79 void
  80 killgssd_handle(CLIENT *client)
  81 {
  82         struct rpc_err rpcerr;
  83         struct gss_globals *gssg;
  84
  85         gssg = zone_getspecific(gss_zone_key, curproc->p_zone);
  86         CLNT_GETERR(client, &rpcerr);
  87         gssg->gss_last_stat = rpcerr.re_status;
  88
  89         AUTH_DESTROY(client->cl_auth);
  90         CLNT_DESTROY(client);
  91 }
  92
  93 CLIENT *
  94 getgssd_handle(void)
  95 {
  96         struct vnode *vp;
  97         int error;
  98         CLIENT *clnt;
  99         enum clnt_stat stat;
 100         struct netbuf tmpaddr;
 101         struct gss_globals *gssg;
 102         struct netbuf *netaddrp;
 103
 104         gssg = zone_getspecific(gss_zone_key, curproc->p_zone);
 105         /*
 106          * Cribbed from kerb_krpc.c. Really should do the config set up
 107          * in the _init routine.
 108          */
 109         if (gssg->gss_config.knc_rdev == 0) {
 110                 if ((error = lookupname("/dev/ticotsord", UIO_SYSSPACE,
 111                     FOLLOW, NULLVPP, &vp)) != 0) {
 112                         GSSLOG(1, "getgssd_handle: lookupname: %d\n", error);
 113                         return (NULL);
 114                 }
 115                 gssg->gss_config.knc_rdev = vp->v_rdev;
 116                 gssg->gss_config.knc_protofmly = loopback_name;
 117                 VN_RELE(vp);
 118                 gssg->gss_config.knc_semantics = NC_TPI_COTS_ORD;
 119         }
 120
 121         /*
 122          * Contact rpcbind to get gssd's address only
 123          * once and re-use the address.
 124          */
 125         mutex_enter(&gssrpcb_lock);
 126         netaddrp = &gssg->gss_netaddr;
 127
 128         if (netaddrp->len == 0 || gssg->gss_last_stat != RPC_SUCCESS) {
 129                 if (netaddrp->buf != NULL)
 130                         kmem_free(netaddrp->buf, netaddrp->maxlen);
 131
 132                 /* Set up netaddr to be "localhost." (strlen is 10) */
 133                 netaddrp->len = netaddrp->maxlen = 10;
 134                 netaddrp->buf = kmem_alloc(netaddrp->len, KM_SLEEP);
 135                 (void) strncpy(netaddrp->buf, "localhost.", netaddrp->len);
 136
 137                 /* Get address of gssd from rpcbind */
 138                 stat = rpcbind_getaddr(&gssg->gss_config, GSSPROG, GSSVERS,
 139                     netaddrp);
 140                 if (stat != RPC_SUCCESS) {
 141                         kmem_free(netaddrp->buf, netaddrp->maxlen);
 142                         netaddrp->buf = NULL;
 143                         netaddrp->len = netaddrp->maxlen = 0;
 144                         mutex_exit(&gssrpcb_lock);
 145                         return (NULL);
 146                 }
 147         }
 148
 149         /*
 150          * Copy the netaddr information into a tmp location to
 151          * be used by clnt_tli_kcreate.  The purpose of this
 152          * is for MT race condition (ie. netaddr being modified
 153          * while it is being used.)
 154          */
 155         tmpaddr.buf = kmem_zalloc(netaddrp->maxlen, KM_SLEEP);
 156         bcopy(netaddrp->buf, tmpaddr.buf, netaddrp->maxlen);
 157         tmpaddr.maxlen = netaddrp->maxlen;
 158         tmpaddr.len = netaddrp->len;
 159
 160         mutex_exit(&gssrpcb_lock);
 161
 162         error = clnt_tli_kcreate(&gssg->gss_config, &tmpaddr, GSSPROG,
 163             GSSVERS, 0, GSSD_RETRY, kcred, &clnt);
 164
 165         kmem_free(tmpaddr.buf, tmpaddr.maxlen);
 166
 167         if (error != 0) {
 168                 GSSLOG(1,
 169                 "getgssd_handle: clnt_tli_kcreate: error %d\n", error);
 170                 return (NULL);
 171         }
 172
 173         return (clnt);
 174 }