1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
|
/*
* linux/net/sunrpc/svcauth.c
*
* The generic interface for RPC authentication on the server side.
*
* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
*
* CHANGES
* 19-Apr-2000 Chris Evans - Security fix
*/
#include <linux/types.h>
#include <linux/sched.h>
#include <linux/sunrpc/types.h>
#include <linux/sunrpc/xdr.h>
#include <linux/sunrpc/svcauth.h>
#include <linux/sunrpc/svcsock.h>
#define RPCDBG_FACILITY RPCDBG_AUTH
/*
* Type of authenticator function
*/
typedef void (*auth_fn_t)(struct svc_rqst *rqstp, u32 *statp, u32 *authp);
/*
* Builtin auth flavors
*/
static void svcauth_null(struct svc_rqst *rqstp, u32 *statp, u32 *authp);
static void svcauth_unix(struct svc_rqst *rqstp, u32 *statp, u32 *authp);
/*
* Max number of authentication flavors we support
*/
#define RPC_SVCAUTH_MAX 8
/*
* Table of authenticators
*/
static auth_fn_t authtab[RPC_SVCAUTH_MAX] = {
svcauth_null,
svcauth_unix,
NULL,
};
void
svc_authenticate(struct svc_rqst *rqstp, u32 *statp, u32 *authp)
{
u32 flavor;
auth_fn_t func;
*statp = rpc_success;
*authp = rpc_auth_ok;
svc_getlong(&rqstp->rq_argbuf, flavor);
flavor = ntohl(flavor);
dprintk("svc: svc_authenticate (%d)\n", flavor);
if (flavor >= RPC_SVCAUTH_MAX || !(func = authtab[flavor])) {
*authp = rpc_autherr_badcred;
return;
}
rqstp->rq_cred.cr_flavor = flavor;
func(rqstp, statp, authp);
}
int
svc_auth_register(u32 flavor, auth_fn_t func)
{
if (flavor >= RPC_SVCAUTH_MAX || authtab[flavor])
return -EINVAL;
authtab[flavor] = func;
return 0;
}
void
svc_auth_unregister(u32 flavor)
{
if (flavor < RPC_SVCAUTH_MAX)
authtab[flavor] = NULL;
}
static void
svcauth_null(struct svc_rqst *rqstp, u32 *statp, u32 *authp)
{
struct svc_buf *argp = &rqstp->rq_argbuf;
struct svc_buf *resp = &rqstp->rq_resbuf;
if ((argp->len -= 3) < 0) {
*statp = rpc_garbage_args;
return;
}
if (*(argp->buf)++ != 0) { /* we already skipped the flavor */
dprintk("svc: bad null cred\n");
*authp = rpc_autherr_badcred;
return;
}
if (*(argp->buf)++ != RPC_AUTH_NULL || *(argp->buf)++ != 0) {
dprintk("svc: bad null verf\n");
*authp = rpc_autherr_badverf;
return;
}
/* Signal that mapping to nobody uid/gid is required */
rqstp->rq_cred.cr_uid = (uid_t) -1;
rqstp->rq_cred.cr_gid = (gid_t) -1;
rqstp->rq_cred.cr_groups[0] = NOGROUP;
/* Put NULL verifier */
rqstp->rq_verfed = 1;
svc_putlong(resp, RPC_AUTH_NULL);
svc_putlong(resp, 0);
}
static void
svcauth_unix(struct svc_rqst *rqstp, u32 *statp, u32 *authp)
{
struct svc_buf *argp = &rqstp->rq_argbuf;
struct svc_buf *resp = &rqstp->rq_resbuf;
struct svc_cred *cred = &rqstp->rq_cred;
u32 *bufp = argp->buf, slen, i;
int len = argp->len;
if ((len -= 3) < 0) {
*statp = rpc_garbage_args;
return;
}
bufp++; /* length */
bufp++; /* time stamp */
slen = (ntohl(*bufp++) + 3) >> 2; /* machname length */
if (slen > 64 || (len -= slen + 3) < 0)
goto badcred;
bufp += slen; /* skip machname */
cred->cr_uid = ntohl(*bufp++); /* uid */
cred->cr_gid = ntohl(*bufp++); /* gid */
slen = ntohl(*bufp++); /* gids length */
if (slen > 16 || (len -= slen + 2) < 0)
goto badcred;
for (i = 0; i < NGROUPS && i < slen; i++)
cred->cr_groups[i] = ntohl(*bufp++);
if (i < NGROUPS)
cred->cr_groups[i] = NOGROUP;
bufp += (slen - i);
if (*bufp++ != RPC_AUTH_NULL || *bufp++ != 0) {
*authp = rpc_autherr_badverf;
return;
}
argp->buf = bufp;
argp->len = len;
/* Put NULL verifier */
rqstp->rq_verfed = 1;
svc_putlong(resp, RPC_AUTH_NULL);
svc_putlong(resp, 0);
return;
badcred:
*authp = rpc_autherr_badcred;
}
|
