| blob | 933d001341b3110f63d15166b98d22ada48f1eae |
1 /*
2 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
3 * unrestricted use provided that this legend is included on all tape
4 * media and as a part of the software program in whole or part. Users
5 * may copy or modify Sun RPC without charge, but are not authorized
6 * to license or distribute it to anyone else except as part of a product or
7 * program developed by the user.
8 *
9 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
10 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
11 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
12 *
13 * Sun RPC is provided with no support and without any obligation on the
14 * part of Sun Microsystems, Inc. to assist in its use, correction,
15 * modification or enhancement.
16 *
17 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
18 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
19 * OR ANY PART THEREOF.
20 *
21 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
22 * or profits or other special, indirect and consequential damages, even if
23 * Sun has been advised of the possibility of such damages.
24 *
25 * Sun Microsystems, Inc.
26 * 2550 Garcia Avenue
27 * Mountain View, California 94043
28 */
29 /*
30 * Copyright (c) 1988 by Sun Microsystems, Inc.
31 */
32 /*
33 * svcauth_des.c, server-side des authentication
34 *
35 * We insure for the service the following:
36 * (1) The timestamp microseconds do not exceed 1 million.
37 * (2) The timestamp plus the window is less than the current time.
38 * (3) The timestamp is not less than the one previously
39 * seen in the current session.
40 *
41 * It is up to the server to determine if the window size is
42 * too small .
43 *
44 */
46 #include <limits.h>
47 #include <string.h>
48 #include <sys/param.h>
49 #include <netinet/in.h>
50 #include <rpc/rpc.h>
51 #include <rpc/xdr.h>
52 #include <rpc/auth.h>
53 #include <rpc/auth_des.h>
54 #include <rpc/svc_auth.h>
55 #include <rpc/svc.h>
56 #include <rpc/des_crypt.h>
60 #define USEC_PER_SEC ((uint32_t) 1000000L)
61 #define BEFORE(t1, t2) timercmp(t1, t2, <)
63 /*
64 * LRU cache of conversation keys and some other useful items.
65 */
66 #define AUTHDES_CACHESZ 64
67 struct cache_entry
68 {
74 };
75 #ifdef _RPC_THREAD_SAFE_
76 #define authdes_cache RPC_THREAD_VARIABLE(authdes_cache_s)
77 #define authdes_lru RPC_THREAD_VARIABLE(authdes_lru_s)
78 #else
81 #endif
87 /* note that sid was ref'd */
90 /* invalidate entry in cache */
92 /*
93 * cache statistics
94 */
95 struct
96 {
100 }
101 svcauthdes_stats;
103 /*
104 * Service side authenticator for AUTH_DES
105 */
106 enum auth_stat
108 {
117 des_block ivec;
118 u_int window;
121 struct area
122 {
125 }
136 /*
137 * Get the credential
138 */
146 {
150 {
152 }
166 }
168 /*
169 * Get the verifier
170 */
180 /*
181 * Get the conversation key
182 */
184 {
185 netobj pkey;
190 {
193 }
198 {
201 }
202 }
203 else
206 {
209 }
210 else
213 /* XXX This could be wrong, but else we have a
214 security problem */
218 }
221 /*
222 * Decrypt the timestamp
223 */
226 {
233 }
234 else
239 {
242 }
244 /*
245 * XDR the decrypted timestamp
246 */
251 /*
252 * Check for valid credentials and verifiers.
253 * They could be invalid because the key was flushed
254 * out of the cache, and so a new session should begin.
255 * Be sure and send AUTH_REJECTED{CRED, VERF} if this is the case.
256 */
257 {
260 u_int winverf;
263 {
269 {
272 }
276 {
279 }
282 }
283 else
287 }
290 {
292 /* cached out (bad key), or garbled verifier */
294 }
296 {
299 }
303 {
305 /* replay, or garbled credential */
307 }
308 }
310 /*
311 * Set up the reply verifier
312 */
315 /*
316 * xdr the timestamp before encrypting
317 */
322 /*
323 * encrypt the timestamp
324 */
328 {
331 }
334 /*
335 * Serialize the reply verifier, and update rqst
336 */
347 /*
348 * We succeeded, commit the data to the cache now and
349 * finish cooking the credential.
350 */
355 {
366 else
367 {
370 }
374 }
375 else
377 /*
378 * nicknames are cooked into fullnames
379 */
384 }
386 }
389 /*
390 * Initialize the cache
391 */
392 static void
393 internal_function
395 {
404 /*
405 * Initialize the lru list
406 */
409 }
412 /*
413 * Find the lru victim
414 */
415 static short
417 {
419 }
421 /*
422 * Note that sid was referenced
423 */
424 static void
425 internal_function
427 {
435 {
439 }
440 }
442 /*
443 * Find a spot in the cache for a credential containing
444 * the items given. Return -1 if a replay is detected, otherwise
445 * return the spot in the cache.
446 */
447 static short
448 internal_function
451 {
458 {
463 {
465 {
468 }
471 }
472 }
475 }
477 /*
478 * Local credential handling stuff.
479 * NOTE: bsd unix dependent.
480 * Other operating systems should put something else here.
481 */
485 struct bsdcred
486 {
492 };
494 /*
495 * Map a des credential into a unix cred.
496 * We cache the credential here so the application does
497 * not have to make an rpc call every time to interpret
498 * the credential.
499 */
500 int
503 {
506 uid_t i_uid;
507 gid_t i_gid;
513 {
516 }
519 {
520 /*
521 * not in cache: lookup
522 */
525 {
530 }
533 {
534 /* We already have an allocated data structure. But it is
535 too small. */
539 }
542 {
543 /* We should allocate room for at least NGROUPS groups. */
554 }
562 /* Make sure no too large values are reported. */
565 }
567 {
568 /*
569 * Already lookup up, but no match found
570 */
572 }
574 /*
575 * cached credentials
576 */
580 /* Another stupidity in the interface: *grouplen is of type short.
581 So we might have to cut the information passed up short. */
587 }
589 static void
590 internal_function
592 {
596 }