2 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
3 * unrestricted use provided that this legend is included on all tape
4 * media and as a part of the software program in whole or part. Users
5 * may copy or modify Sun RPC without charge, but are not authorized
6 * to license or distribute it to anyone else except as part of a product or
7 * program developed by the user.
9 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
10 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
11 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
13 * Sun RPC is provided with no support and without any obligation on the
14 * part of Sun Microsystems, Inc. to assist in its use, correction,
15 * modification or enhancement.
17 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
18 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
19 * OR ANY PART THEREOF.
21 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
22 * or profits or other special, indirect and consequential damages, even if
23 * Sun has been advised of the possibility of such damages.
25 * Sun Microsystems, Inc.
27 * Mountain View, California 94043
30 * Copyright (C) 1984, Sun Microsystems, Inc.
33 * auth_unix.c, Implements UNIX style authentication parameters.
35 * The system is very weak. The client uses no encryption for it's
36 * credentials and only sends null verifiers. The server sends backs
37 * null verifiers or optionally a verifier that suggests a new short hand
38 * for the credentials.
46 #include <sys/param.h>
48 #include <rpc/types.h>
51 #include <rpc/auth_unix.h>
58 * Unix authenticator operations vector
60 static void authunix_nextverf (AUTH
*);
61 static bool_t
authunix_marshal (AUTH
*, XDR
*);
62 static bool_t
authunix_validate (AUTH
*, struct opaque_auth
*);
63 static bool_t
authunix_refresh (AUTH
*);
64 static void authunix_destroy (AUTH
*);
66 static struct auth_ops auth_unix_ops
= {
75 * This struct is pointed to by the ah_private field of an auth_handle.
78 struct opaque_auth au_origcred
; /* original credentials */
79 struct opaque_auth au_shcred
; /* short hand cred */
80 u_long au_shfaults
; /* short hand cache faults */
81 char au_marshed
[MAX_AUTH_BYTES
];
82 u_int au_mpos
; /* xdr pos at end of marshed */
84 #define AUTH_PRIVATE(auth) ((struct audata *)auth->ah_private)
86 static bool_t
marshal_new_auth (AUTH
*) internal_function
;
90 * Create a unix style authenticator.
91 * Returns an auth handle with the given stuff in it.
94 authunix_create (char *machname
, uid_t uid
, gid_t gid
, int len
,
97 struct authunix_parms aup
;
98 char mymem
[MAX_AUTH_BYTES
];
105 * Allocate and set up auth handle
107 auth
= (AUTH
*) mem_alloc (sizeof (*auth
));
108 au
= (struct audata
*) mem_alloc (sizeof (*au
));
109 if (auth
== NULL
|| au
== NULL
)
113 if (_IO_fwide (stderr
, 0) > 0)
114 (void) __fwprintf (stderr
, L
"%s",
115 _("authunix_create: out of memory\n"));
118 (void) fputs (_("authunix_create: out of memory\n"), stderr
);
119 mem_free (auth
, sizeof (*auth
));
120 mem_free (au
, sizeof (*au
));
123 auth
->ah_ops
= &auth_unix_ops
;
124 auth
->ah_private
= (caddr_t
) au
;
125 auth
->ah_verf
= au
->au_shcred
= _null_auth
;
129 * fill in param struct from the given params
131 (void) __gettimeofday (&now
, (struct timezone
*) 0);
132 aup
.aup_time
= now
.tv_sec
;
133 aup
.aup_machname
= machname
;
136 aup
.aup_len
= (u_int
) len
;
137 aup
.aup_gids
= aup_gids
;
140 * Serialize the parameters into origcred
142 xdrmem_create (&xdrs
, mymem
, MAX_AUTH_BYTES
, XDR_ENCODE
);
143 if (!xdr_authunix_parms (&xdrs
, &aup
))
145 au
->au_origcred
.oa_length
= len
= XDR_GETPOS (&xdrs
);
146 au
->au_origcred
.oa_flavor
= AUTH_UNIX
;
147 au
->au_origcred
.oa_base
= mem_alloc ((u_int
) len
);
148 if (au
->au_origcred
.oa_base
== NULL
)
150 memcpy(au
->au_origcred
.oa_base
, mymem
, (u_int
) len
);
153 * set auth handle to reflect new cred.
155 auth
->ah_cred
= au
->au_origcred
;
156 marshal_new_auth (auth
);
161 * Returns an auth handle with parameters determined by doing lots of
165 authunix_create_default (void)
168 char machname
[MAX_MACHINE_NAME
+ 1];
171 int max_nr_groups
= __sysconf (_SC_NGROUPS_MAX
);
172 gid_t gids
[max_nr_groups
];
174 if (__gethostname (machname
, MAX_MACHINE_NAME
) == -1)
176 machname
[MAX_MACHINE_NAME
] = 0;
180 if ((len
= __getgroups (max_nr_groups
, gids
)) < 0)
182 /* This braindamaged Sun code forces us here to truncate the
183 list of groups to NGRPS members since the code in
184 authuxprot.c transforms a fixed array. Grrr. */
185 return authunix_create (machname
, uid
, gid
, MIN (NGRPS
, len
), gids
);
189 * authunix operations
193 authunix_nextverf (AUTH
*auth
)
195 /* no action necessary */
199 authunix_marshal (AUTH
*auth
, XDR
*xdrs
)
201 struct audata
*au
= AUTH_PRIVATE (auth
);
203 return XDR_PUTBYTES (xdrs
, au
->au_marshed
, au
->au_mpos
);
207 authunix_validate (AUTH
*auth
, struct opaque_auth
*verf
)
212 if (verf
->oa_flavor
== AUTH_SHORT
)
214 au
= AUTH_PRIVATE (auth
);
215 xdrmem_create (&xdrs
, verf
->oa_base
, verf
->oa_length
,
218 if (au
->au_shcred
.oa_base
!= NULL
)
220 mem_free (au
->au_shcred
.oa_base
,
221 au
->au_shcred
.oa_length
);
222 au
->au_shcred
.oa_base
= NULL
;
224 if (xdr_opaque_auth (&xdrs
, &au
->au_shcred
))
226 auth
->ah_cred
= au
->au_shcred
;
230 xdrs
.x_op
= XDR_FREE
;
231 (void) xdr_opaque_auth (&xdrs
, &au
->au_shcred
);
232 au
->au_shcred
.oa_base
= NULL
;
233 auth
->ah_cred
= au
->au_origcred
;
235 marshal_new_auth (auth
);
241 authunix_refresh (AUTH
*auth
)
243 struct audata
*au
= AUTH_PRIVATE (auth
);
244 struct authunix_parms aup
;
249 if (auth
->ah_cred
.oa_base
== au
->au_origcred
.oa_base
)
251 /* there is no hope. Punt */
256 /* first deserialize the creds back into a struct authunix_parms */
257 aup
.aup_machname
= NULL
;
258 aup
.aup_gids
= (gid_t
*) NULL
;
259 xdrmem_create (&xdrs
, au
->au_origcred
.oa_base
,
260 au
->au_origcred
.oa_length
, XDR_DECODE
);
261 stat
= xdr_authunix_parms (&xdrs
, &aup
);
265 /* update the time and serialize in place */
266 (void) __gettimeofday (&now
, (struct timezone
*) 0);
267 aup
.aup_time
= now
.tv_sec
;
268 xdrs
.x_op
= XDR_ENCODE
;
269 XDR_SETPOS (&xdrs
, 0);
270 stat
= xdr_authunix_parms (&xdrs
, &aup
);
273 auth
->ah_cred
= au
->au_origcred
;
274 marshal_new_auth (auth
);
276 /* free the struct authunix_parms created by deserializing */
277 xdrs
.x_op
= XDR_FREE
;
278 (void) xdr_authunix_parms (&xdrs
, &aup
);
284 authunix_destroy (AUTH
*auth
)
286 struct audata
*au
= AUTH_PRIVATE (auth
);
288 mem_free (au
->au_origcred
.oa_base
, au
->au_origcred
.oa_length
);
290 if (au
->au_shcred
.oa_base
!= NULL
)
291 mem_free (au
->au_shcred
.oa_base
, au
->au_shcred
.oa_length
);
293 mem_free (auth
->ah_private
, sizeof (struct audata
));
295 if (auth
->ah_verf
.oa_base
!= NULL
)
296 mem_free (auth
->ah_verf
.oa_base
, auth
->ah_verf
.oa_length
);
298 mem_free ((caddr_t
) auth
, sizeof (*auth
));
302 * Marshals (pre-serializes) an auth struct.
303 * sets private data, au_marshed and au_mpos
307 marshal_new_auth (AUTH
*auth
)
310 XDR
*xdrs
= &xdr_stream
;
311 struct audata
*au
= AUTH_PRIVATE (auth
);
313 xdrmem_create (xdrs
, au
->au_marshed
, MAX_AUTH_BYTES
, XDR_ENCODE
);
314 if ((!xdr_opaque_auth (xdrs
, &(auth
->ah_cred
))) ||
315 (!xdr_opaque_auth (xdrs
, &(auth
->ah_verf
))))
316 perror (_("auth_none.c - Fatal marshalling problem"));
318 au
->au_mpos
= XDR_GETPOS (xdrs
);