/*
* 3. Validate
*/
static bool_t
authdes_validate (AUTH *auth, struct opaque_auth *rverf)
{
struct ad_private *ad = AUTH_PRIVATE (auth);
struct authdes_verf verf;
int status;
register uint32_t *ixdr;
if (rverf->oa_length != (2 + 1) * BYTES_PER_XDR_UNIT)
return FALSE;
ixdr = (uint32_t *) rverf->oa_base;
verf.adv_xtimestamp.key.high = *ixdr++;
verf.adv_xtimestamp.key.low = *ixdr++;
verf.adv_int_u = *ixdr++; /* nickname not XDR'd ! */
/*
* Decrypt the timestamp
*/
status = ecb_crypt ((char *) &auth->ah_key, (char *) &verf.adv_xtimestamp,
sizeof (des_block), DES_DECRYPT | DES_HW);
if (DES_FAILED (status))
{
debug ("authdes_validate: DES decryption failure");
return FALSE;
}
/*
* xdr the decrypted timestamp
*/
ixdr = (uint32_t *) verf.adv_xtimestamp.c;
verf.adv_timestamp.tv_sec = IXDR_GET_U_INT32 (ixdr) + 1;
verf.adv_timestamp.tv_usec = IXDR_GET_U_INT32 (ixdr);
/*
* validate
*/
if (memcmp ((char *) &ad->ad_timestamp, (char *) &verf.adv_timestamp,
sizeof (struct rpc_timeval)) != 0)
{
debug ("authdes_validate: verifier mismatch\n");
return FALSE;
}
/*
* We have a nickname now, let's use it
*/
ad->ad_nickname = verf.adv_nickname;
ad->ad_cred.adc_namekind = ADN_NICKNAME;
return TRUE;
}
/*
* System (Unix) longhand authenticator
*/
enum auth_stat
__svcauth_sys(struct svc_req *rqst, struct rpc_msg *msg)
{
struct authsys_parms *aup;
int32_t *buf;
struct authsys_area *area;
uint_t auth_len;
uint_t str_len, gid_len;
int i;
/* LINTED pointer cast */
area = (struct authsys_area *)rqst->rq_clntcred;
aup = &area->area_aup;
aup->aup_machname = area->area_machname;
aup->aup_gids = area->area_gids;
auth_len = msg->rm_call.cb_cred.oa_length;
if (auth_len == 0)
return (AUTH_BADCRED);
/* LINTED pointer cast */
buf = (int32_t *)msg->rm_call.cb_cred.oa_base;
aup->aup_time = IXDR_GET_INT32(buf);
str_len = IXDR_GET_U_INT32(buf);
if (str_len > MAX_MACHINE_NAME)
return (AUTH_BADCRED);
(void) memcpy(aup->aup_machname, buf, str_len);
aup->aup_machname[str_len] = 0;
str_len = RNDUP(str_len);
buf += str_len / (int)sizeof (int32_t);
aup->aup_uid = IXDR_GET_INT32(buf);
aup->aup_gid = IXDR_GET_INT32(buf);
gid_len = IXDR_GET_U_INT32(buf);
if (gid_len > NGRPS)
return (AUTH_BADCRED);
aup->aup_len = gid_len;
for (i = 0; i < gid_len; i++) {
aup->aup_gids[i] = (gid_t)IXDR_GET_INT32(buf);
}
/*
* five is the smallest unix credentials structure -
* timestamp, hostname len (0), uid, gid, and gids len (0).
*/
if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len)
return (AUTH_BADCRED);
rqst->rq_xprt->xp_verf.oa_flavor = AUTH_NULL;
rqst->rq_xprt->xp_verf.oa_length = 0;
return (AUTH_OK);
}
bool_t xdr_Create_LinkParms (XDR *xdrs, Create_LinkParms *objp)
{
#if defined(SOLARIS) && !defined(_LP64)
register long *buf;
#else
register int32_t *buf;
#endif
if (xdrs->x_op == XDR_ENCODE) {
buf = XDR_INLINE (xdrs, 3 * BYTES_PER_XDR_UNIT);
if (buf == NULL) {
if (!xdr_long (xdrs, &objp->clientId))
return FALSE;
if (!xdr_bool (xdrs, &objp->lockDevice))
return FALSE;
if (!xdr_u_long (xdrs, &objp->lock_timeout))
return FALSE;
} else {
IXDR_PUT_INT32(buf, objp->clientId);
IXDR_PUT_BOOL(buf, objp->lockDevice);
IXDR_PUT_U_INT32(buf, objp->lock_timeout);
}
if (!xdr_string (xdrs, &objp->device, ~0))
return FALSE;
return TRUE;
} else if (xdrs->x_op == XDR_DECODE) {
buf = XDR_INLINE (xdrs, 3 * BYTES_PER_XDR_UNIT);
if (buf == NULL) {
if (!xdr_long (xdrs, &objp->clientId))
return FALSE;
if (!xdr_bool (xdrs, &objp->lockDevice))
return FALSE;
if (!xdr_u_long (xdrs, &objp->lock_timeout))
return FALSE;
} else {
objp->clientId = IXDR_GET_INT32(buf);
objp->lockDevice = IXDR_GET_BOOL(buf);
objp->lock_timeout = IXDR_GET_U_INT32(buf);
}
if (!xdr_string (xdrs, &objp->device, ~0))
return FALSE;
return TRUE;
}
if (!xdr_long (xdrs, &objp->clientId))
return FALSE;
if (!xdr_bool (xdrs, &objp->lockDevice))
return FALSE;
if (!xdr_u_long (xdrs, &objp->lock_timeout))
return FALSE;
if (!xdr_string (xdrs, &objp->device, ~0))
return FALSE;
return TRUE;
}
/*
* decode a duplex message, log error messages
*/
bool
xdr_dplx_decode(XDR *xdrs, struct rpc_msg *dmsg)
{
int32_t *buf;
/*
* NOTE: 5 here, 3 more in each _decode
*/
buf = XDR_INLINE(xdrs, 5 * BYTES_PER_XDR_UNIT);
if (buf != NULL) {
dmsg->rm_xid = IXDR_GET_U_INT32(buf);
dmsg->rm_direction = IXDR_GET_ENUM(buf, enum msg_type);
} else {
/*
* encrypt/decrypt ID (val1) and R (val2)
* return FALSE on failure and TRUE on success
*/
bool_t
__npd_ecb_crypt(
uint32_t *val1,
uint32_t *val2,
des_block *buf,
unsigned int bufsize,
unsigned int mode,
des_block *deskey)
{
int status;
int32_t *ixdr;
if (bufsize > MAX_KEY_CRYPT_LEN)
return (FALSE);
ixdr = (int32_t *)buf;
if (mode == DES_ENCRYPT) {
(void) memset((char *)buf, 0, bufsize);
IXDR_PUT_U_INT32(ixdr, *val1);
IXDR_PUT_U_INT32(ixdr, *val2);
status = ecb_crypt((char *)deskey, (char *)buf,
bufsize, mode | DES_HW);
if (DES_FAILED(status))
return (FALSE);
} else {
status = ecb_crypt((char *)deskey, (char *)buf,
bufsize, mode | DES_HW);
if (DES_FAILED(status))
return (FALSE);
*val1 = IXDR_GET_U_INT32(ixdr);
*val2 = IXDR_GET_U_INT32(ixdr);
}
return (TRUE);
}
/*
* encrypt/decrypt R (val) and password (str)
* return FALSE on failure and TRUE on success
*/
bool_t
__npd_cbc_crypt(
uint32_t *val,
char *str,
unsigned int strsize,
npd_newpass *buf,
unsigned int bufsize,
unsigned int mode,
des_block *deskey)
{
int status, i;
int32_t *ixdr;
des_block ivec;
if (bufsize > MAX_KEY_CRYPT_LEN)
return (FALSE);
ivec.key.low = ivec.key.high = 0;
ixdr = (int32_t *)buf;
if (mode == DES_ENCRYPT) {
if ((strsize + 4) > bufsize)
return (FALSE);
IXDR_PUT_U_INT32(ixdr, *val);
(void) strcpy((char *)buf->pass, str);
for (i = strsize; i < __NPD_MAXPASSBYTES; i++)
buf->pass[i] = '\0';
status = cbc_crypt((char *)deskey, (char *)buf,
bufsize, mode | DES_HW, (char *)&ivec);
if (DES_FAILED(status))
return (FALSE);
} else {
status = cbc_crypt((char *)deskey, (char *)buf,
bufsize, mode | DES_HW, (char *)&ivec);
if (DES_FAILED(status))
return (FALSE);
*val = IXDR_GET_U_INT32(ixdr);
if (strlen((char *)buf->pass) > strsize)
return (FALSE);
(void) strcpy(str, (char *)buf->pass);
}
return (TRUE);
}
bool_t xdr_Device_ReadParms (XDR *xdrs, Device_ReadParms *objp)
{
#if defined(SOLARIS) && !defined(_LP64)
register long *buf;
#else
register int32_t *buf;
#endif
if (xdrs->x_op == XDR_ENCODE) {
if (!xdr_Device_Link (xdrs, &objp->lid))
return FALSE;
buf = XDR_INLINE (xdrs, 3 * BYTES_PER_XDR_UNIT);
if (buf == NULL) {
if (!xdr_u_long (xdrs, &objp->requestSize))
return FALSE;
if (!xdr_u_long (xdrs, &objp->io_timeout))
return FALSE;
if (!xdr_u_long (xdrs, &objp->lock_timeout))
return FALSE;
} else {
IXDR_PUT_U_INT32(buf, objp->requestSize);
IXDR_PUT_U_INT32(buf, objp->io_timeout);
IXDR_PUT_U_INT32(buf, objp->lock_timeout);
}
if (!xdr_Device_Flags (xdrs, &objp->flags))
return FALSE;
if (!xdr_char (xdrs, &objp->termChar))
return FALSE;
return TRUE;
} else if (xdrs->x_op == XDR_DECODE) {
if (!xdr_Device_Link (xdrs, &objp->lid))
return FALSE;
buf = XDR_INLINE (xdrs, 3 * BYTES_PER_XDR_UNIT);
if (buf == NULL) {
if (!xdr_u_long (xdrs, &objp->requestSize))
return FALSE;
if (!xdr_u_long (xdrs, &objp->io_timeout))
return FALSE;
if (!xdr_u_long (xdrs, &objp->lock_timeout))
return FALSE;
} else {
objp->requestSize = IXDR_GET_U_INT32(buf);
objp->io_timeout = IXDR_GET_U_INT32(buf);
objp->lock_timeout = IXDR_GET_U_INT32(buf);
}
if (!xdr_Device_Flags (xdrs, &objp->flags))
return FALSE;
if (!xdr_char (xdrs, &objp->termChar))
return FALSE;
return TRUE;
}
if (!xdr_Device_Link (xdrs, &objp->lid))
return FALSE;
if (!xdr_u_long (xdrs, &objp->requestSize))
return FALSE;
if (!xdr_u_long (xdrs, &objp->io_timeout))
return FALSE;
if (!xdr_u_long (xdrs, &objp->lock_timeout))
return FALSE;
if (!xdr_Device_Flags (xdrs, &objp->flags))
return FALSE;
if (!xdr_char (xdrs, &objp->termChar))
return FALSE;
return TRUE;
}
/*
* Unix longhand authenticator
*/
enum auth_stat
_svcauth_unix(struct svc_req *rqst, struct rpc_msg *msg)
{
enum auth_stat stat;
XDR xdrs;
struct authunix_parms *aup;
int32_t *buf;
struct area {
struct authunix_parms area_aup;
char area_machname[MAX_MACHINE_NAME+1];
int area_gids[NGRPS];
} *area;
u_int auth_len;
size_t str_len, gid_len;
u_int i;
assert(rqst != NULL);
assert(msg != NULL);
area = (struct area *) rqst->rq_clntcred;
aup = &area->area_aup;
aup->aup_machname = area->area_machname;
aup->aup_gids = area->area_gids;
auth_len = (u_int)msg->rm_call.cb_cred.oa_length;
xdrmem_create(&xdrs, msg->rm_call.cb_cred.oa_base, auth_len,XDR_DECODE);
buf = XDR_INLINE(&xdrs, auth_len);
if (buf != NULL) {
aup->aup_time = IXDR_GET_INT32(buf);
str_len = (size_t)IXDR_GET_U_INT32(buf);
if (str_len > MAX_MACHINE_NAME) {
stat = AUTH_BADCRED;
goto done;
}
memmove(aup->aup_machname, buf, str_len);
aup->aup_machname[str_len] = 0;
str_len = RNDUP(str_len);
buf += str_len / sizeof (int32_t);
aup->aup_uid = (int)IXDR_GET_INT32(buf);
aup->aup_gid = (int)IXDR_GET_INT32(buf);
gid_len = (size_t)IXDR_GET_U_INT32(buf);
if (gid_len > NGRPS) {
stat = AUTH_BADCRED;
goto done;
}
aup->aup_len = gid_len;
for (i = 0; i < gid_len; i++) {
aup->aup_gids[i] = (int)IXDR_GET_INT32(buf);
}
/*
* five is the smallest unix credentials structure -
* timestamp, hostname len (0), uid, gid, and gids len (0).
*/
if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len) {
printf("bad auth_len gid %ld str %ld auth %u\n",
(long)gid_len, (long)str_len, auth_len);
stat = AUTH_BADCRED;
goto done;
}
} else if (! xdr_authunix_parms(&xdrs, aup)) {
xdrs.x_op = XDR_FREE;
xdr_authunix_parms(&xdrs, aup);
stat = AUTH_BADCRED;
goto done;
}
/* get the verifier */
if ((u_int)msg->rm_call.cb_verf.oa_length) {
rqst->rq_xprt->xp_verf.oa_flavor =
msg->rm_call.cb_verf.oa_flavor;
rqst->rq_xprt->xp_verf.oa_base =
msg->rm_call.cb_verf.oa_base;
rqst->rq_xprt->xp_verf.oa_length =
msg->rm_call.cb_verf.oa_length;
} else {
rqst->rq_xprt->xp_verf.oa_flavor = AUTH_NULL;
rqst->rq_xprt->xp_verf.oa_length = 0;
}
stat = AUTH_OK;
done:
XDR_DESTROY(&xdrs);
return (stat);
}
/*
* File attributes
*/
bool_t
xdr_fattr(XDR *xdrs, struct nfsfattr *na)
{
int32_t *ptr;
if (xdrs->x_op == XDR_FREE)
return (TRUE);
ptr = XDR_INLINE(xdrs, 17 * BYTES_PER_XDR_UNIT);
if (ptr != NULL) {
if (xdrs->x_op == XDR_DECODE) {
na->na_type = IXDR_GET_ENUM(ptr, enum nfsftype);
na->na_mode = IXDR_GET_U_INT32(ptr);
na->na_nlink = IXDR_GET_U_INT32(ptr);
na->na_uid = IXDR_GET_U_INT32(ptr);
na->na_gid = IXDR_GET_U_INT32(ptr);
na->na_size = IXDR_GET_U_INT32(ptr);
na->na_blocksize = IXDR_GET_U_INT32(ptr);
na->na_rdev = IXDR_GET_U_INT32(ptr);
na->na_blocks = IXDR_GET_U_INT32(ptr);
na->na_fsid = IXDR_GET_U_INT32(ptr);
na->na_nodeid = IXDR_GET_U_INT32(ptr);
na->na_atime.tv_sec = IXDR_GET_U_INT32(ptr);
na->na_atime.tv_usec = IXDR_GET_U_INT32(ptr);
na->na_mtime.tv_sec = IXDR_GET_U_INT32(ptr);
na->na_mtime.tv_usec = IXDR_GET_U_INT32(ptr);
na->na_ctime.tv_sec = IXDR_GET_U_INT32(ptr);
na->na_ctime.tv_usec = IXDR_GET_U_INT32(ptr);
} else {
/*
* Arguments to remote write and writecache
*/
bool_t
xdr_writeargs(XDR *xdrs, struct nfswriteargs *wa)
{
int32_t *ptr;
int32_t *fhp;
switch (xdrs->x_op) {
case XDR_DECODE:
wa->wa_args = &wa->wa_args_buf;
ptr = XDR_INLINE(xdrs, RNDUP(sizeof (fhandle_t)) +
3 * BYTES_PER_XDR_UNIT);
if (ptr != NULL) {
fhp = (int32_t *)&wa->wa_fhandle;
*fhp++ = *ptr++;
*fhp++ = *ptr++;
*fhp++ = *ptr++;
*fhp++ = *ptr++;
*fhp++ = *ptr++;
*fhp++ = *ptr++;
*fhp++ = *ptr++;
*fhp = *ptr++;
wa->wa_begoff = IXDR_GET_U_INT32(ptr);
wa->wa_offset = IXDR_GET_U_INT32(ptr);
wa->wa_totcount = IXDR_GET_U_INT32(ptr);
wa->wa_mblk = NULL;
wa->wa_data = NULL;
wa->wa_rlist = NULL;
wa->wa_conn = NULL;
if (xdrs->x_ops == &xdrmblk_ops) {
return (xdrmblk_getmblk(xdrs, &wa->wa_mblk,
&wa->wa_count));
} else {
if (xdrs->x_ops == &xdrrdmablk_ops) {
if (xdrrdma_getrdmablk(xdrs,
&wa->wa_rlist,
&wa->wa_count,
&wa->wa_conn,
NFS_MAXDATA) == TRUE)
return (xdrrdma_read_from_client(
wa->wa_rlist,
&wa->wa_conn,
wa->wa_count));
wa->wa_rlist = NULL;
wa->wa_conn = NULL;
}
}
/*
* It is just as efficient to xdr_bytes
* an array of unknown length as to inline copy it.
*/
return (xdr_bytes(xdrs, &wa->wa_data,
&wa->wa_count, NFS_MAXDATA));
}
if (xdr_fhandle(xdrs, &wa->wa_fhandle) &&
xdr_u_int(xdrs, &wa->wa_begoff) &&
xdr_u_int(xdrs, &wa->wa_offset) &&
xdr_u_int(xdrs, &wa->wa_totcount)) {
/* deal with the variety of data transfer types */
wa->wa_mblk = NULL;
wa->wa_data = NULL;
wa->wa_rlist = NULL;
wa->wa_conn = NULL;
if (xdrs->x_ops == &xdrmblk_ops) {
if (xdrmblk_getmblk(xdrs, &wa->wa_mblk,
&wa->wa_count) == TRUE)
return (TRUE);
} else {
if (xdrs->x_ops == &xdrrdmablk_ops) {
if (xdrrdma_getrdmablk(xdrs,
&wa->wa_rlist,
&wa->wa_count,
&wa->wa_conn,
NFS_MAXDATA) == TRUE)
return (xdrrdma_read_from_client(
wa->wa_rlist,
&wa->wa_conn,
wa->wa_count));
wa->wa_rlist = NULL;
wa->wa_conn = NULL;
}
}
return (xdr_bytes(xdrs, &wa->wa_data,
&wa->wa_count, NFS_MAXDATA));
}
return (FALSE);
case XDR_ENCODE:
ptr = XDR_INLINE(xdrs, RNDUP(sizeof (fhandle_t)) +
3 * BYTES_PER_XDR_UNIT);
if (ptr != NULL) {
fhp = (int32_t *)&wa->wa_fhandle;
*ptr++ = *fhp++;
*ptr++ = *fhp++;
*ptr++ = *fhp++;
*ptr++ = *fhp++;
*ptr++ = *fhp++;
*ptr++ = *fhp++;
*ptr++ = *fhp++;
*ptr++ = *fhp;
IXDR_PUT_U_INT32(ptr, wa->wa_begoff);
IXDR_PUT_U_INT32(ptr, wa->wa_offset);
IXDR_PUT_U_INT32(ptr, wa->wa_totcount);
} else {
if (!(xdr_fhandle(xdrs, &wa->wa_fhandle) &&
xdr_u_int(xdrs, &wa->wa_begoff) &&
xdr_u_int(xdrs, &wa->wa_offset) &&
xdr_u_int(xdrs, &wa->wa_totcount)))
return (FALSE);
}
return (xdr_bytes(xdrs, &wa->wa_data, &wa->wa_count,
NFS_MAXDATA));
case XDR_FREE:
if (wa->wa_rlist) {
(void) xdrrdma_free_clist(wa->wa_conn, wa->wa_rlist);
wa->wa_rlist = NULL;
}
if (wa->wa_data != NULL) {
kmem_free(wa->wa_data, wa->wa_count);
wa->wa_data = NULL;
}
return (TRUE);
}
return (FALSE);
}
bool_t
xdr_rpcbs_rmtcalllist(XDR *xdrs, rpcbs_rmtcalllist *objp)
{
int32_t *buf;
struct rpcbs_rmtcalllist **pnext;
if (xdrs->x_op == XDR_ENCODE) {
buf = XDR_INLINE(xdrs, 6 * BYTES_PER_XDR_UNIT);
if (buf == NULL) {
if (!xdr_u_int32_t(xdrs, &objp->prog)) {
return (FALSE);
}
if (!xdr_u_int32_t(xdrs, &objp->vers)) {
return (FALSE);
}
if (!xdr_u_int32_t(xdrs, &objp->proc)) {
return (FALSE);
}
if (!xdr_int(xdrs, &objp->success)) {
return (FALSE);
}
if (!xdr_int(xdrs, &objp->failure)) {
return (FALSE);
}
if (!xdr_int(xdrs, &objp->indirect)) {
return (FALSE);
}
} else {
IXDR_PUT_U_INT32(buf, objp->prog);
IXDR_PUT_U_INT32(buf, objp->vers);
IXDR_PUT_U_INT32(buf, objp->proc);
IXDR_PUT_INT32(buf, objp->success);
IXDR_PUT_INT32(buf, objp->failure);
IXDR_PUT_INT32(buf, objp->indirect);
}
if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) {
return (FALSE);
}
pnext = &objp->next;
if (!xdr_pointer(xdrs, (char **) pnext,
sizeof (rpcbs_rmtcalllist),
(xdrproc_t)xdr_rpcbs_rmtcalllist)) {
return (FALSE);
}
return (TRUE);
} else if (xdrs->x_op == XDR_DECODE) {
buf = XDR_INLINE(xdrs, 6 * BYTES_PER_XDR_UNIT);
if (buf == NULL) {
if (!xdr_u_int32_t(xdrs, &objp->prog)) {
return (FALSE);
}
if (!xdr_u_int32_t(xdrs, &objp->vers)) {
return (FALSE);
}
if (!xdr_u_int32_t(xdrs, &objp->proc)) {
return (FALSE);
}
if (!xdr_int(xdrs, &objp->success)) {
return (FALSE);
}
if (!xdr_int(xdrs, &objp->failure)) {
return (FALSE);
}
if (!xdr_int(xdrs, &objp->indirect)) {
return (FALSE);
}
} else {
objp->prog = (rpcprog_t)IXDR_GET_U_INT32(buf);
objp->vers = (rpcvers_t)IXDR_GET_U_INT32(buf);
objp->proc = (rpcproc_t)IXDR_GET_U_INT32(buf);
objp->success = (int)IXDR_GET_INT32(buf);
objp->failure = (int)IXDR_GET_INT32(buf);
objp->indirect = (int)IXDR_GET_INT32(buf);
}
if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) {
return (FALSE);
}
if (!xdr_pointer(xdrs, (char **) pnext,
sizeof (rpcbs_rmtcalllist),
(xdrproc_t)xdr_rpcbs_rmtcalllist)) {
return (FALSE);
}
return (TRUE);
}
if (!xdr_u_int32_t(xdrs, &objp->prog)) {
return (FALSE);
}
if (!xdr_u_int32_t(xdrs, &objp->vers)) {
return (FALSE);
}
if (!xdr_u_int32_t(xdrs, &objp->proc)) {
return (FALSE);
}
if (!xdr_int(xdrs, &objp->success)) {
return (FALSE);
}
if (!xdr_int(xdrs, &objp->failure)) {
return (FALSE);
}
if (!xdr_int(xdrs, &objp->indirect)) {
return (FALSE);
}
if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) {
return (FALSE);
}
if (!xdr_pointer(xdrs, (char **) pnext,
sizeof (rpcbs_rmtcalllist),
(xdrproc_t)xdr_rpcbs_rmtcalllist)) {
return (FALSE);
}
return (TRUE);
}
/*
* Unix longhand authenticator
*/
enum auth_stat
_svcauth_unix (struct svc_req *rqst, struct rpc_msg *msg)
{
enum auth_stat stat;
XDR xdrs;
struct authunix_parms *aup;
int32_t *buf;
struct area
{
struct authunix_parms area_aup;
char area_machname[MAX_MACHINE_NAME + 1];
gid_t area_gids[NGRPS];
}
*area;
u_int auth_len;
u_int str_len, gid_len;
u_int i;
area = (struct area *) rqst->rq_clntcred;
aup = &area->area_aup;
aup->aup_machname = area->area_machname;
aup->aup_gids = area->area_gids;
auth_len = (u_int) msg->rm_call.cb_cred.oa_length;
INTUSE(xdrmem_create) (&xdrs, msg->rm_call.cb_cred.oa_base, auth_len,
XDR_DECODE);
buf = XDR_INLINE (&xdrs, auth_len);
if (buf != NULL)
{
aup->aup_time = IXDR_GET_LONG (buf);
str_len = IXDR_GET_U_INT32 (buf);
if (str_len > MAX_MACHINE_NAME)
{
stat = AUTH_BADCRED;
goto done;
}
memcpy (aup->aup_machname, (caddr_t) buf, (u_int) str_len);
aup->aup_machname[str_len] = 0;
str_len = RNDUP (str_len);
buf = (int32_t *) ((char *) buf + str_len);
aup->aup_uid = IXDR_GET_LONG (buf);
aup->aup_gid = IXDR_GET_LONG (buf);
gid_len = IXDR_GET_U_INT32 (buf);
if (gid_len > NGRPS)
{
stat = AUTH_BADCRED;
goto done;
}
aup->aup_len = gid_len;
for (i = 0; i < gid_len; i++)
{
aup->aup_gids[i] = IXDR_GET_LONG (buf);
}
/*
* five is the smallest unix credentials structure -
* timestamp, hostname len (0), uid, gid, and gids len (0).
*/
if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len)
{
stat = AUTH_BADCRED;
goto done;
}
}
else if (!INTUSE(xdr_authunix_parms) (&xdrs, aup))
{
xdrs.x_op = XDR_FREE;
(void) INTUSE(xdr_authunix_parms) (&xdrs, aup);
stat = AUTH_BADCRED;
goto done;
}
/* get the verifier */
if ((u_int)msg->rm_call.cb_verf.oa_length)
{
rqst->rq_xprt->xp_verf.oa_flavor =
msg->rm_call.cb_verf.oa_flavor;
rqst->rq_xprt->xp_verf.oa_base =
msg->rm_call.cb_verf.oa_base;
rqst->rq_xprt->xp_verf.oa_length =
msg->rm_call.cb_verf.oa_length;
}
else
{
rqst->rq_xprt->xp_verf.oa_flavor = AUTH_NULL;
rqst->rq_xprt->xp_verf.oa_length = 0;
}
stat = AUTH_OK;
done:
XDR_DESTROY (&xdrs);
return stat;
}
bool xdr_sq_dqblk(XDR * xdrs, sq_dqblk * objp)
{
register int32_t *buf;
if (xdrs->x_op == XDR_ENCODE) {
buf = xdr_inline_encode(xdrs, 8 * BYTES_PER_XDR_UNIT);
if (buf != NULL) {
/* most likely */
IXDR_PUT_U_INT32(buf, objp->rq_bhardlimit);
IXDR_PUT_U_INT32(buf, objp->rq_bsoftlimit);
IXDR_PUT_U_INT32(buf, objp->rq_curblocks);
IXDR_PUT_U_INT32(buf, objp->rq_fhardlimit);
IXDR_PUT_U_INT32(buf, objp->rq_fsoftlimit);
IXDR_PUT_U_INT32(buf, objp->rq_curfiles);
IXDR_PUT_U_INT32(buf, objp->rq_btimeleft);
IXDR_PUT_U_INT32(buf, objp->rq_ftimeleft);
} else {
if (!XDR_PUTUINT32(xdrs, objp->rq_bhardlimit))
return false;
if (!XDR_PUTUINT32(xdrs, objp->rq_bsoftlimit))
return false;
if (!XDR_PUTUINT32(xdrs, objp->rq_curblocks))
return false;
if (!XDR_PUTUINT32(xdrs, objp->rq_fhardlimit))
return false;
if (!XDR_PUTUINT32(xdrs, objp->rq_fsoftlimit))
return false;
if (!XDR_PUTUINT32(xdrs, objp->rq_curfiles))
return false;
if (!XDR_PUTUINT32(xdrs, objp->rq_btimeleft))
return false;
if (!XDR_PUTUINT32(xdrs, objp->rq_ftimeleft))
return false;
}
return true;
}
if (xdrs->x_op == XDR_DECODE) {
buf = xdr_inline_decode(xdrs, 8 * BYTES_PER_XDR_UNIT);
if (buf != NULL) {
/* most likely */
objp->rq_bhardlimit = IXDR_GET_U_INT32(buf);
objp->rq_bsoftlimit = IXDR_GET_U_INT32(buf);
objp->rq_curblocks = IXDR_GET_U_INT32(buf);
objp->rq_fhardlimit = IXDR_GET_U_INT32(buf);
objp->rq_fsoftlimit = IXDR_GET_U_INT32(buf);
objp->rq_curfiles = IXDR_GET_U_INT32(buf);
objp->rq_btimeleft = IXDR_GET_U_INT32(buf);
objp->rq_ftimeleft = IXDR_GET_U_INT32(buf);
} else {
if (!XDR_GETUINT32(xdrs, &objp->rq_bhardlimit))
return false;
if (!XDR_GETUINT32(xdrs, &objp->rq_bsoftlimit))
return false;
if (!XDR_GETUINT32(xdrs, &objp->rq_curblocks))
return false;
if (!XDR_GETUINT32(xdrs, &objp->rq_fhardlimit))
return false;
if (!XDR_GETUINT32(xdrs, &objp->rq_fsoftlimit))
return false;
if (!XDR_GETUINT32(xdrs, &objp->rq_curfiles))
return false;
if (!XDR_GETUINT32(xdrs, &objp->rq_btimeleft))
return false;
if (!XDR_GETUINT32(xdrs, &objp->rq_ftimeleft))
return false;
}
return true;
}
if (!xdr_u_int(xdrs, &objp->rq_bhardlimit))
return false;
if (!xdr_u_int(xdrs, &objp->rq_bsoftlimit))
return false;
if (!xdr_u_int(xdrs, &objp->rq_curblocks))
return false;
if (!xdr_u_int(xdrs, &objp->rq_fhardlimit))
return false;
if (!xdr_u_int(xdrs, &objp->rq_fsoftlimit))
return false;
if (!xdr_u_int(xdrs, &objp->rq_curfiles))
return false;
if (!xdr_u_int(xdrs, &objp->rq_btimeleft))
return false;
if (!xdr_u_int(xdrs, &objp->rq_ftimeleft))
return false;
return true;
}
/*
* decode a reply message
*
* param[IN] buf 3 more inline
*/
bool
xdr_reply_decode(XDR *xdrs, struct rpc_msg *dmsg, int32_t *buf)
{
if (buf != NULL) {
__warnx(TIRPC_DEBUG_FLAG_RPC_MSG,
"%s:%u INLINE",
__func__, __LINE__);
dmsg->rm_reply.rp_stat = IXDR_GET_ENUM(buf, enum_t);
} else {
__warnx(TIRPC_DEBUG_FLAG_RPC_MSG,
"%s:%u non-INLINE",
__func__, __LINE__);
if (!xdr_getenum(xdrs, (enum_t *)&(dmsg->rm_reply.rp_stat))) {
__warnx(TIRPC_DEBUG_FLAG_ERROR,
"%s:%u ERROR rm_reply.rp_stat",
__func__, __LINE__);
return (false);
}
}
switch (dmsg->rm_reply.rp_stat) {
case MSG_ACCEPTED:
{
struct accepted_reply *ar = (struct accepted_reply *)
&(dmsg->rm_reply.ru);
if (!inline_auth_decode(xdrs, &ar->ar_verf, buf)) {
__warnx(TIRPC_DEBUG_FLAG_ERROR,
"%s:%u ERROR (return)",
__func__, __LINE__);
return (false);
}
if (!xdr_getenum(xdrs, (enum_t *)&(ar->ar_stat))) {
__warnx(TIRPC_DEBUG_FLAG_ERROR,
"%s:%u ERROR ar_stat",
__func__, __LINE__);
return (false);
}
switch (ar->ar_stat) {
case SUCCESS:
__warnx(TIRPC_DEBUG_FLAG_RPC_MSG,
"%s:%u SUCCESS",
__func__, __LINE__);
return ((*(ar->ar_results.proc))(xdrs,
&(ar->ar_results.where)));
case PROG_MISMATCH:
__warnx(TIRPC_DEBUG_FLAG_RPC_MSG,
"%s:%u MISMATCH",
__func__, __LINE__);
if (!xdr_getuint32(xdrs, &(ar->ar_vers.low))) {
__warnx(TIRPC_DEBUG_FLAG_ERROR,
"%s:%u ERROR ar_vers.low",
__func__, __LINE__);
return (false);
}
if (!xdr_getuint32(xdrs, &(ar->ar_vers.high))) {
__warnx(TIRPC_DEBUG_FLAG_ERROR,
"%s:%u ERROR ar_vers.high",
__func__, __LINE__);
return (false);
}
case GARBAGE_ARGS:
case SYSTEM_ERR:
case PROC_UNAVAIL:
case PROG_UNAVAIL:
/* true */
break;
default:
break;
}; /* ar_stat */
return (true);
} /* MSG_ACCEPTED */
case MSG_DENIED:
{
/* XXX branch not verified */
struct rejected_reply *rr = (struct rejected_reply *)
&(dmsg->rm_reply.ru);
__warnx(TIRPC_DEBUG_FLAG_RPC_MSG,
"%s:%u MSG_DENIED not verified",
__func__, __LINE__);
if (buf != NULL) {
rr->rj_stat = IXDR_GET_ENUM(buf, enum_t);
} else if (!xdr_getenum(xdrs, (enum_t *)&(rr->rj_stat))) {
__warnx(TIRPC_DEBUG_FLAG_ERROR,
"%s:%u ERROR rj_stat",
__func__, __LINE__);
return (false);
}
switch (rr->rj_stat) {
case RPC_MISMATCH:
__warnx(TIRPC_DEBUG_FLAG_RPC_MSG,
"%s:%u DENIED MISMATCH",
__func__, __LINE__);
if (buf != NULL) {
rr->rj_vers.low = IXDR_GET_U_INT32(buf);
} else if (!xdr_getuint32(xdrs, &(rr->rj_vers.low))) {
__warnx(TIRPC_DEBUG_FLAG_ERROR,
"%s:%u ERROR rj_vers.low",
__func__, __LINE__);
return (false);
}
if (!xdr_getuint32(xdrs, &(rr->rj_vers.high))) {
__warnx(TIRPC_DEBUG_FLAG_ERROR,
"%s:%u ERROR rj_vers.high",
__func__, __LINE__);
return (false);
}
break;
case AUTH_ERROR:
__warnx(TIRPC_DEBUG_FLAG_RPC_MSG,
"%s:%u DENIED AUTH",
__func__, __LINE__);
if (buf != NULL) {
rr->rj_why = IXDR_GET_ENUM(buf, enum_t);
} else if (!xdr_getenum(xdrs,
(enum_t *)&(rr->rj_why))) {
__warnx(TIRPC_DEBUG_FLAG_ERROR,
"%s:%u ERROR rj_why",
__func__, __LINE__);
return (false);
}
break;
};
return (true);
} /* MSG_DENIED */
default:
__warnx(TIRPC_DEBUG_FLAG_ERROR,
"%s:%u ERROR dmsg->rm_reply.rp_stat %u",
__func__, __LINE__,
dmsg->rm_reply.rp_stat);
break;
}; /* rm_reply.rp_stat */
return (false);
}
