/* * 3. Validate */ static bool_t authdes_validate (AUTH *auth, struct opaque_auth *rverf) { struct ad_private *ad = AUTH_PRIVATE (auth); struct authdes_verf verf; int status; register uint32_t *ixdr; if (rverf->oa_length != (2 + 1) * BYTES_PER_XDR_UNIT) return FALSE; ixdr = (uint32_t *) rverf->oa_base; verf.adv_xtimestamp.key.high = *ixdr++; verf.adv_xtimestamp.key.low = *ixdr++; verf.adv_int_u = *ixdr++; /* nickname not XDR'd ! */ /* * Decrypt the timestamp */ status = ecb_crypt ((char *) &auth->ah_key, (char *) &verf.adv_xtimestamp, sizeof (des_block), DES_DECRYPT | DES_HW); if (DES_FAILED (status)) { debug ("authdes_validate: DES decryption failure"); return FALSE; } /* * xdr the decrypted timestamp */ ixdr = (uint32_t *) verf.adv_xtimestamp.c; verf.adv_timestamp.tv_sec = IXDR_GET_U_INT32 (ixdr) + 1; verf.adv_timestamp.tv_usec = IXDR_GET_U_INT32 (ixdr); /* * validate */ if (memcmp ((char *) &ad->ad_timestamp, (char *) &verf.adv_timestamp, sizeof (struct rpc_timeval)) != 0) { debug ("authdes_validate: verifier mismatch\n"); return FALSE; } /* * We have a nickname now, let's use it */ ad->ad_nickname = verf.adv_nickname; ad->ad_cred.adc_namekind = ADN_NICKNAME; return TRUE; }
/* * System (Unix) longhand authenticator */ enum auth_stat __svcauth_sys(struct svc_req *rqst, struct rpc_msg *msg) { struct authsys_parms *aup; int32_t *buf; struct authsys_area *area; uint_t auth_len; uint_t str_len, gid_len; int i; /* LINTED pointer cast */ area = (struct authsys_area *)rqst->rq_clntcred; aup = &area->area_aup; aup->aup_machname = area->area_machname; aup->aup_gids = area->area_gids; auth_len = msg->rm_call.cb_cred.oa_length; if (auth_len == 0) return (AUTH_BADCRED); /* LINTED pointer cast */ buf = (int32_t *)msg->rm_call.cb_cred.oa_base; aup->aup_time = IXDR_GET_INT32(buf); str_len = IXDR_GET_U_INT32(buf); if (str_len > MAX_MACHINE_NAME) return (AUTH_BADCRED); (void) memcpy(aup->aup_machname, buf, str_len); aup->aup_machname[str_len] = 0; str_len = RNDUP(str_len); buf += str_len / (int)sizeof (int32_t); aup->aup_uid = IXDR_GET_INT32(buf); aup->aup_gid = IXDR_GET_INT32(buf); gid_len = IXDR_GET_U_INT32(buf); if (gid_len > NGRPS) return (AUTH_BADCRED); aup->aup_len = gid_len; for (i = 0; i < gid_len; i++) { aup->aup_gids[i] = (gid_t)IXDR_GET_INT32(buf); } /* * five is the smallest unix credentials structure - * timestamp, hostname len (0), uid, gid, and gids len (0). */ if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len) return (AUTH_BADCRED); rqst->rq_xprt->xp_verf.oa_flavor = AUTH_NULL; rqst->rq_xprt->xp_verf.oa_length = 0; return (AUTH_OK); }
bool_t xdr_Create_LinkParms (XDR *xdrs, Create_LinkParms *objp) { #if defined(SOLARIS) && !defined(_LP64) register long *buf; #else register int32_t *buf; #endif if (xdrs->x_op == XDR_ENCODE) { buf = XDR_INLINE (xdrs, 3 * BYTES_PER_XDR_UNIT); if (buf == NULL) { if (!xdr_long (xdrs, &objp->clientId)) return FALSE; if (!xdr_bool (xdrs, &objp->lockDevice)) return FALSE; if (!xdr_u_long (xdrs, &objp->lock_timeout)) return FALSE; } else { IXDR_PUT_INT32(buf, objp->clientId); IXDR_PUT_BOOL(buf, objp->lockDevice); IXDR_PUT_U_INT32(buf, objp->lock_timeout); } if (!xdr_string (xdrs, &objp->device, ~0)) return FALSE; return TRUE; } else if (xdrs->x_op == XDR_DECODE) { buf = XDR_INLINE (xdrs, 3 * BYTES_PER_XDR_UNIT); if (buf == NULL) { if (!xdr_long (xdrs, &objp->clientId)) return FALSE; if (!xdr_bool (xdrs, &objp->lockDevice)) return FALSE; if (!xdr_u_long (xdrs, &objp->lock_timeout)) return FALSE; } else { objp->clientId = IXDR_GET_INT32(buf); objp->lockDevice = IXDR_GET_BOOL(buf); objp->lock_timeout = IXDR_GET_U_INT32(buf); } if (!xdr_string (xdrs, &objp->device, ~0)) return FALSE; return TRUE; } if (!xdr_long (xdrs, &objp->clientId)) return FALSE; if (!xdr_bool (xdrs, &objp->lockDevice)) return FALSE; if (!xdr_u_long (xdrs, &objp->lock_timeout)) return FALSE; if (!xdr_string (xdrs, &objp->device, ~0)) return FALSE; return TRUE; }
/* * decode a duplex message, log error messages */ bool xdr_dplx_decode(XDR *xdrs, struct rpc_msg *dmsg) { int32_t *buf; /* * NOTE: 5 here, 3 more in each _decode */ buf = XDR_INLINE(xdrs, 5 * BYTES_PER_XDR_UNIT); if (buf != NULL) { dmsg->rm_xid = IXDR_GET_U_INT32(buf); dmsg->rm_direction = IXDR_GET_ENUM(buf, enum msg_type); } else {
/* * encrypt/decrypt ID (val1) and R (val2) * return FALSE on failure and TRUE on success */ bool_t __npd_ecb_crypt( uint32_t *val1, uint32_t *val2, des_block *buf, unsigned int bufsize, unsigned int mode, des_block *deskey) { int status; int32_t *ixdr; if (bufsize > MAX_KEY_CRYPT_LEN) return (FALSE); ixdr = (int32_t *)buf; if (mode == DES_ENCRYPT) { (void) memset((char *)buf, 0, bufsize); IXDR_PUT_U_INT32(ixdr, *val1); IXDR_PUT_U_INT32(ixdr, *val2); status = ecb_crypt((char *)deskey, (char *)buf, bufsize, mode | DES_HW); if (DES_FAILED(status)) return (FALSE); } else { status = ecb_crypt((char *)deskey, (char *)buf, bufsize, mode | DES_HW); if (DES_FAILED(status)) return (FALSE); *val1 = IXDR_GET_U_INT32(ixdr); *val2 = IXDR_GET_U_INT32(ixdr); } return (TRUE); }
/* * encrypt/decrypt R (val) and password (str) * return FALSE on failure and TRUE on success */ bool_t __npd_cbc_crypt( uint32_t *val, char *str, unsigned int strsize, npd_newpass *buf, unsigned int bufsize, unsigned int mode, des_block *deskey) { int status, i; int32_t *ixdr; des_block ivec; if (bufsize > MAX_KEY_CRYPT_LEN) return (FALSE); ivec.key.low = ivec.key.high = 0; ixdr = (int32_t *)buf; if (mode == DES_ENCRYPT) { if ((strsize + 4) > bufsize) return (FALSE); IXDR_PUT_U_INT32(ixdr, *val); (void) strcpy((char *)buf->pass, str); for (i = strsize; i < __NPD_MAXPASSBYTES; i++) buf->pass[i] = '\0'; status = cbc_crypt((char *)deskey, (char *)buf, bufsize, mode | DES_HW, (char *)&ivec); if (DES_FAILED(status)) return (FALSE); } else { status = cbc_crypt((char *)deskey, (char *)buf, bufsize, mode | DES_HW, (char *)&ivec); if (DES_FAILED(status)) return (FALSE); *val = IXDR_GET_U_INT32(ixdr); if (strlen((char *)buf->pass) > strsize) return (FALSE); (void) strcpy(str, (char *)buf->pass); } return (TRUE); }
bool_t xdr_Device_ReadParms (XDR *xdrs, Device_ReadParms *objp) { #if defined(SOLARIS) && !defined(_LP64) register long *buf; #else register int32_t *buf; #endif if (xdrs->x_op == XDR_ENCODE) { if (!xdr_Device_Link (xdrs, &objp->lid)) return FALSE; buf = XDR_INLINE (xdrs, 3 * BYTES_PER_XDR_UNIT); if (buf == NULL) { if (!xdr_u_long (xdrs, &objp->requestSize)) return FALSE; if (!xdr_u_long (xdrs, &objp->io_timeout)) return FALSE; if (!xdr_u_long (xdrs, &objp->lock_timeout)) return FALSE; } else { IXDR_PUT_U_INT32(buf, objp->requestSize); IXDR_PUT_U_INT32(buf, objp->io_timeout); IXDR_PUT_U_INT32(buf, objp->lock_timeout); } if (!xdr_Device_Flags (xdrs, &objp->flags)) return FALSE; if (!xdr_char (xdrs, &objp->termChar)) return FALSE; return TRUE; } else if (xdrs->x_op == XDR_DECODE) { if (!xdr_Device_Link (xdrs, &objp->lid)) return FALSE; buf = XDR_INLINE (xdrs, 3 * BYTES_PER_XDR_UNIT); if (buf == NULL) { if (!xdr_u_long (xdrs, &objp->requestSize)) return FALSE; if (!xdr_u_long (xdrs, &objp->io_timeout)) return FALSE; if (!xdr_u_long (xdrs, &objp->lock_timeout)) return FALSE; } else { objp->requestSize = IXDR_GET_U_INT32(buf); objp->io_timeout = IXDR_GET_U_INT32(buf); objp->lock_timeout = IXDR_GET_U_INT32(buf); } if (!xdr_Device_Flags (xdrs, &objp->flags)) return FALSE; if (!xdr_char (xdrs, &objp->termChar)) return FALSE; return TRUE; } if (!xdr_Device_Link (xdrs, &objp->lid)) return FALSE; if (!xdr_u_long (xdrs, &objp->requestSize)) return FALSE; if (!xdr_u_long (xdrs, &objp->io_timeout)) return FALSE; if (!xdr_u_long (xdrs, &objp->lock_timeout)) return FALSE; if (!xdr_Device_Flags (xdrs, &objp->flags)) return FALSE; if (!xdr_char (xdrs, &objp->termChar)) return FALSE; return TRUE; }
/* * Unix longhand authenticator */ enum auth_stat _svcauth_unix(struct svc_req *rqst, struct rpc_msg *msg) { enum auth_stat stat; XDR xdrs; struct authunix_parms *aup; int32_t *buf; struct area { struct authunix_parms area_aup; char area_machname[MAX_MACHINE_NAME+1]; int area_gids[NGRPS]; } *area; u_int auth_len; size_t str_len, gid_len; u_int i; assert(rqst != NULL); assert(msg != NULL); area = (struct area *) rqst->rq_clntcred; aup = &area->area_aup; aup->aup_machname = area->area_machname; aup->aup_gids = area->area_gids; auth_len = (u_int)msg->rm_call.cb_cred.oa_length; xdrmem_create(&xdrs, msg->rm_call.cb_cred.oa_base, auth_len,XDR_DECODE); buf = XDR_INLINE(&xdrs, auth_len); if (buf != NULL) { aup->aup_time = IXDR_GET_INT32(buf); str_len = (size_t)IXDR_GET_U_INT32(buf); if (str_len > MAX_MACHINE_NAME) { stat = AUTH_BADCRED; goto done; } memmove(aup->aup_machname, buf, str_len); aup->aup_machname[str_len] = 0; str_len = RNDUP(str_len); buf += str_len / sizeof (int32_t); aup->aup_uid = (int)IXDR_GET_INT32(buf); aup->aup_gid = (int)IXDR_GET_INT32(buf); gid_len = (size_t)IXDR_GET_U_INT32(buf); if (gid_len > NGRPS) { stat = AUTH_BADCRED; goto done; } aup->aup_len = gid_len; for (i = 0; i < gid_len; i++) { aup->aup_gids[i] = (int)IXDR_GET_INT32(buf); } /* * five is the smallest unix credentials structure - * timestamp, hostname len (0), uid, gid, and gids len (0). */ if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len) { printf("bad auth_len gid %ld str %ld auth %u\n", (long)gid_len, (long)str_len, auth_len); stat = AUTH_BADCRED; goto done; } } else if (! xdr_authunix_parms(&xdrs, aup)) { xdrs.x_op = XDR_FREE; xdr_authunix_parms(&xdrs, aup); stat = AUTH_BADCRED; goto done; } /* get the verifier */ if ((u_int)msg->rm_call.cb_verf.oa_length) { rqst->rq_xprt->xp_verf.oa_flavor = msg->rm_call.cb_verf.oa_flavor; rqst->rq_xprt->xp_verf.oa_base = msg->rm_call.cb_verf.oa_base; rqst->rq_xprt->xp_verf.oa_length = msg->rm_call.cb_verf.oa_length; } else { rqst->rq_xprt->xp_verf.oa_flavor = AUTH_NULL; rqst->rq_xprt->xp_verf.oa_length = 0; } stat = AUTH_OK; done: XDR_DESTROY(&xdrs); return (stat); }
/* * File attributes */ bool_t xdr_fattr(XDR *xdrs, struct nfsfattr *na) { int32_t *ptr; if (xdrs->x_op == XDR_FREE) return (TRUE); ptr = XDR_INLINE(xdrs, 17 * BYTES_PER_XDR_UNIT); if (ptr != NULL) { if (xdrs->x_op == XDR_DECODE) { na->na_type = IXDR_GET_ENUM(ptr, enum nfsftype); na->na_mode = IXDR_GET_U_INT32(ptr); na->na_nlink = IXDR_GET_U_INT32(ptr); na->na_uid = IXDR_GET_U_INT32(ptr); na->na_gid = IXDR_GET_U_INT32(ptr); na->na_size = IXDR_GET_U_INT32(ptr); na->na_blocksize = IXDR_GET_U_INT32(ptr); na->na_rdev = IXDR_GET_U_INT32(ptr); na->na_blocks = IXDR_GET_U_INT32(ptr); na->na_fsid = IXDR_GET_U_INT32(ptr); na->na_nodeid = IXDR_GET_U_INT32(ptr); na->na_atime.tv_sec = IXDR_GET_U_INT32(ptr); na->na_atime.tv_usec = IXDR_GET_U_INT32(ptr); na->na_mtime.tv_sec = IXDR_GET_U_INT32(ptr); na->na_mtime.tv_usec = IXDR_GET_U_INT32(ptr); na->na_ctime.tv_sec = IXDR_GET_U_INT32(ptr); na->na_ctime.tv_usec = IXDR_GET_U_INT32(ptr); } else {
/* * Arguments to remote write and writecache */ bool_t xdr_writeargs(XDR *xdrs, struct nfswriteargs *wa) { int32_t *ptr; int32_t *fhp; switch (xdrs->x_op) { case XDR_DECODE: wa->wa_args = &wa->wa_args_buf; ptr = XDR_INLINE(xdrs, RNDUP(sizeof (fhandle_t)) + 3 * BYTES_PER_XDR_UNIT); if (ptr != NULL) { fhp = (int32_t *)&wa->wa_fhandle; *fhp++ = *ptr++; *fhp++ = *ptr++; *fhp++ = *ptr++; *fhp++ = *ptr++; *fhp++ = *ptr++; *fhp++ = *ptr++; *fhp++ = *ptr++; *fhp = *ptr++; wa->wa_begoff = IXDR_GET_U_INT32(ptr); wa->wa_offset = IXDR_GET_U_INT32(ptr); wa->wa_totcount = IXDR_GET_U_INT32(ptr); wa->wa_mblk = NULL; wa->wa_data = NULL; wa->wa_rlist = NULL; wa->wa_conn = NULL; if (xdrs->x_ops == &xdrmblk_ops) { return (xdrmblk_getmblk(xdrs, &wa->wa_mblk, &wa->wa_count)); } else { if (xdrs->x_ops == &xdrrdmablk_ops) { if (xdrrdma_getrdmablk(xdrs, &wa->wa_rlist, &wa->wa_count, &wa->wa_conn, NFS_MAXDATA) == TRUE) return (xdrrdma_read_from_client( wa->wa_rlist, &wa->wa_conn, wa->wa_count)); wa->wa_rlist = NULL; wa->wa_conn = NULL; } } /* * It is just as efficient to xdr_bytes * an array of unknown length as to inline copy it. */ return (xdr_bytes(xdrs, &wa->wa_data, &wa->wa_count, NFS_MAXDATA)); } if (xdr_fhandle(xdrs, &wa->wa_fhandle) && xdr_u_int(xdrs, &wa->wa_begoff) && xdr_u_int(xdrs, &wa->wa_offset) && xdr_u_int(xdrs, &wa->wa_totcount)) { /* deal with the variety of data transfer types */ wa->wa_mblk = NULL; wa->wa_data = NULL; wa->wa_rlist = NULL; wa->wa_conn = NULL; if (xdrs->x_ops == &xdrmblk_ops) { if (xdrmblk_getmblk(xdrs, &wa->wa_mblk, &wa->wa_count) == TRUE) return (TRUE); } else { if (xdrs->x_ops == &xdrrdmablk_ops) { if (xdrrdma_getrdmablk(xdrs, &wa->wa_rlist, &wa->wa_count, &wa->wa_conn, NFS_MAXDATA) == TRUE) return (xdrrdma_read_from_client( wa->wa_rlist, &wa->wa_conn, wa->wa_count)); wa->wa_rlist = NULL; wa->wa_conn = NULL; } } return (xdr_bytes(xdrs, &wa->wa_data, &wa->wa_count, NFS_MAXDATA)); } return (FALSE); case XDR_ENCODE: ptr = XDR_INLINE(xdrs, RNDUP(sizeof (fhandle_t)) + 3 * BYTES_PER_XDR_UNIT); if (ptr != NULL) { fhp = (int32_t *)&wa->wa_fhandle; *ptr++ = *fhp++; *ptr++ = *fhp++; *ptr++ = *fhp++; *ptr++ = *fhp++; *ptr++ = *fhp++; *ptr++ = *fhp++; *ptr++ = *fhp++; *ptr++ = *fhp; IXDR_PUT_U_INT32(ptr, wa->wa_begoff); IXDR_PUT_U_INT32(ptr, wa->wa_offset); IXDR_PUT_U_INT32(ptr, wa->wa_totcount); } else { if (!(xdr_fhandle(xdrs, &wa->wa_fhandle) && xdr_u_int(xdrs, &wa->wa_begoff) && xdr_u_int(xdrs, &wa->wa_offset) && xdr_u_int(xdrs, &wa->wa_totcount))) return (FALSE); } return (xdr_bytes(xdrs, &wa->wa_data, &wa->wa_count, NFS_MAXDATA)); case XDR_FREE: if (wa->wa_rlist) { (void) xdrrdma_free_clist(wa->wa_conn, wa->wa_rlist); wa->wa_rlist = NULL; } if (wa->wa_data != NULL) { kmem_free(wa->wa_data, wa->wa_count); wa->wa_data = NULL; } return (TRUE); } return (FALSE); }
bool_t xdr_rpcbs_rmtcalllist(XDR *xdrs, rpcbs_rmtcalllist *objp) { int32_t *buf; struct rpcbs_rmtcalllist **pnext; if (xdrs->x_op == XDR_ENCODE) { buf = XDR_INLINE(xdrs, 6 * BYTES_PER_XDR_UNIT); if (buf == NULL) { if (!xdr_u_int32_t(xdrs, &objp->prog)) { return (FALSE); } if (!xdr_u_int32_t(xdrs, &objp->vers)) { return (FALSE); } if (!xdr_u_int32_t(xdrs, &objp->proc)) { return (FALSE); } if (!xdr_int(xdrs, &objp->success)) { return (FALSE); } if (!xdr_int(xdrs, &objp->failure)) { return (FALSE); } if (!xdr_int(xdrs, &objp->indirect)) { return (FALSE); } } else { IXDR_PUT_U_INT32(buf, objp->prog); IXDR_PUT_U_INT32(buf, objp->vers); IXDR_PUT_U_INT32(buf, objp->proc); IXDR_PUT_INT32(buf, objp->success); IXDR_PUT_INT32(buf, objp->failure); IXDR_PUT_INT32(buf, objp->indirect); } if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { return (FALSE); } pnext = &objp->next; if (!xdr_pointer(xdrs, (char **) pnext, sizeof (rpcbs_rmtcalllist), (xdrproc_t)xdr_rpcbs_rmtcalllist)) { return (FALSE); } return (TRUE); } else if (xdrs->x_op == XDR_DECODE) { buf = XDR_INLINE(xdrs, 6 * BYTES_PER_XDR_UNIT); if (buf == NULL) { if (!xdr_u_int32_t(xdrs, &objp->prog)) { return (FALSE); } if (!xdr_u_int32_t(xdrs, &objp->vers)) { return (FALSE); } if (!xdr_u_int32_t(xdrs, &objp->proc)) { return (FALSE); } if (!xdr_int(xdrs, &objp->success)) { return (FALSE); } if (!xdr_int(xdrs, &objp->failure)) { return (FALSE); } if (!xdr_int(xdrs, &objp->indirect)) { return (FALSE); } } else { objp->prog = (rpcprog_t)IXDR_GET_U_INT32(buf); objp->vers = (rpcvers_t)IXDR_GET_U_INT32(buf); objp->proc = (rpcproc_t)IXDR_GET_U_INT32(buf); objp->success = (int)IXDR_GET_INT32(buf); objp->failure = (int)IXDR_GET_INT32(buf); objp->indirect = (int)IXDR_GET_INT32(buf); } if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { return (FALSE); } if (!xdr_pointer(xdrs, (char **) pnext, sizeof (rpcbs_rmtcalllist), (xdrproc_t)xdr_rpcbs_rmtcalllist)) { return (FALSE); } return (TRUE); } if (!xdr_u_int32_t(xdrs, &objp->prog)) { return (FALSE); } if (!xdr_u_int32_t(xdrs, &objp->vers)) { return (FALSE); } if (!xdr_u_int32_t(xdrs, &objp->proc)) { return (FALSE); } if (!xdr_int(xdrs, &objp->success)) { return (FALSE); } if (!xdr_int(xdrs, &objp->failure)) { return (FALSE); } if (!xdr_int(xdrs, &objp->indirect)) { return (FALSE); } if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { return (FALSE); } if (!xdr_pointer(xdrs, (char **) pnext, sizeof (rpcbs_rmtcalllist), (xdrproc_t)xdr_rpcbs_rmtcalllist)) { return (FALSE); } return (TRUE); }
/* * Unix longhand authenticator */ enum auth_stat _svcauth_unix (struct svc_req *rqst, struct rpc_msg *msg) { enum auth_stat stat; XDR xdrs; struct authunix_parms *aup; int32_t *buf; struct area { struct authunix_parms area_aup; char area_machname[MAX_MACHINE_NAME + 1]; gid_t area_gids[NGRPS]; } *area; u_int auth_len; u_int str_len, gid_len; u_int i; area = (struct area *) rqst->rq_clntcred; aup = &area->area_aup; aup->aup_machname = area->area_machname; aup->aup_gids = area->area_gids; auth_len = (u_int) msg->rm_call.cb_cred.oa_length; INTUSE(xdrmem_create) (&xdrs, msg->rm_call.cb_cred.oa_base, auth_len, XDR_DECODE); buf = XDR_INLINE (&xdrs, auth_len); if (buf != NULL) { aup->aup_time = IXDR_GET_LONG (buf); str_len = IXDR_GET_U_INT32 (buf); if (str_len > MAX_MACHINE_NAME) { stat = AUTH_BADCRED; goto done; } memcpy (aup->aup_machname, (caddr_t) buf, (u_int) str_len); aup->aup_machname[str_len] = 0; str_len = RNDUP (str_len); buf = (int32_t *) ((char *) buf + str_len); aup->aup_uid = IXDR_GET_LONG (buf); aup->aup_gid = IXDR_GET_LONG (buf); gid_len = IXDR_GET_U_INT32 (buf); if (gid_len > NGRPS) { stat = AUTH_BADCRED; goto done; } aup->aup_len = gid_len; for (i = 0; i < gid_len; i++) { aup->aup_gids[i] = IXDR_GET_LONG (buf); } /* * five is the smallest unix credentials structure - * timestamp, hostname len (0), uid, gid, and gids len (0). */ if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len) { stat = AUTH_BADCRED; goto done; } } else if (!INTUSE(xdr_authunix_parms) (&xdrs, aup)) { xdrs.x_op = XDR_FREE; (void) INTUSE(xdr_authunix_parms) (&xdrs, aup); stat = AUTH_BADCRED; goto done; } /* get the verifier */ if ((u_int)msg->rm_call.cb_verf.oa_length) { rqst->rq_xprt->xp_verf.oa_flavor = msg->rm_call.cb_verf.oa_flavor; rqst->rq_xprt->xp_verf.oa_base = msg->rm_call.cb_verf.oa_base; rqst->rq_xprt->xp_verf.oa_length = msg->rm_call.cb_verf.oa_length; } else { rqst->rq_xprt->xp_verf.oa_flavor = AUTH_NULL; rqst->rq_xprt->xp_verf.oa_length = 0; } stat = AUTH_OK; done: XDR_DESTROY (&xdrs); return stat; }
bool xdr_sq_dqblk(XDR * xdrs, sq_dqblk * objp) { register int32_t *buf; if (xdrs->x_op == XDR_ENCODE) { buf = xdr_inline_encode(xdrs, 8 * BYTES_PER_XDR_UNIT); if (buf != NULL) { /* most likely */ IXDR_PUT_U_INT32(buf, objp->rq_bhardlimit); IXDR_PUT_U_INT32(buf, objp->rq_bsoftlimit); IXDR_PUT_U_INT32(buf, objp->rq_curblocks); IXDR_PUT_U_INT32(buf, objp->rq_fhardlimit); IXDR_PUT_U_INT32(buf, objp->rq_fsoftlimit); IXDR_PUT_U_INT32(buf, objp->rq_curfiles); IXDR_PUT_U_INT32(buf, objp->rq_btimeleft); IXDR_PUT_U_INT32(buf, objp->rq_ftimeleft); } else { if (!XDR_PUTUINT32(xdrs, objp->rq_bhardlimit)) return false; if (!XDR_PUTUINT32(xdrs, objp->rq_bsoftlimit)) return false; if (!XDR_PUTUINT32(xdrs, objp->rq_curblocks)) return false; if (!XDR_PUTUINT32(xdrs, objp->rq_fhardlimit)) return false; if (!XDR_PUTUINT32(xdrs, objp->rq_fsoftlimit)) return false; if (!XDR_PUTUINT32(xdrs, objp->rq_curfiles)) return false; if (!XDR_PUTUINT32(xdrs, objp->rq_btimeleft)) return false; if (!XDR_PUTUINT32(xdrs, objp->rq_ftimeleft)) return false; } return true; } if (xdrs->x_op == XDR_DECODE) { buf = xdr_inline_decode(xdrs, 8 * BYTES_PER_XDR_UNIT); if (buf != NULL) { /* most likely */ objp->rq_bhardlimit = IXDR_GET_U_INT32(buf); objp->rq_bsoftlimit = IXDR_GET_U_INT32(buf); objp->rq_curblocks = IXDR_GET_U_INT32(buf); objp->rq_fhardlimit = IXDR_GET_U_INT32(buf); objp->rq_fsoftlimit = IXDR_GET_U_INT32(buf); objp->rq_curfiles = IXDR_GET_U_INT32(buf); objp->rq_btimeleft = IXDR_GET_U_INT32(buf); objp->rq_ftimeleft = IXDR_GET_U_INT32(buf); } else { if (!XDR_GETUINT32(xdrs, &objp->rq_bhardlimit)) return false; if (!XDR_GETUINT32(xdrs, &objp->rq_bsoftlimit)) return false; if (!XDR_GETUINT32(xdrs, &objp->rq_curblocks)) return false; if (!XDR_GETUINT32(xdrs, &objp->rq_fhardlimit)) return false; if (!XDR_GETUINT32(xdrs, &objp->rq_fsoftlimit)) return false; if (!XDR_GETUINT32(xdrs, &objp->rq_curfiles)) return false; if (!XDR_GETUINT32(xdrs, &objp->rq_btimeleft)) return false; if (!XDR_GETUINT32(xdrs, &objp->rq_ftimeleft)) return false; } return true; } if (!xdr_u_int(xdrs, &objp->rq_bhardlimit)) return false; if (!xdr_u_int(xdrs, &objp->rq_bsoftlimit)) return false; if (!xdr_u_int(xdrs, &objp->rq_curblocks)) return false; if (!xdr_u_int(xdrs, &objp->rq_fhardlimit)) return false; if (!xdr_u_int(xdrs, &objp->rq_fsoftlimit)) return false; if (!xdr_u_int(xdrs, &objp->rq_curfiles)) return false; if (!xdr_u_int(xdrs, &objp->rq_btimeleft)) return false; if (!xdr_u_int(xdrs, &objp->rq_ftimeleft)) return false; return true; }
/* * decode a reply message * * param[IN] buf 3 more inline */ bool xdr_reply_decode(XDR *xdrs, struct rpc_msg *dmsg, int32_t *buf) { if (buf != NULL) { __warnx(TIRPC_DEBUG_FLAG_RPC_MSG, "%s:%u INLINE", __func__, __LINE__); dmsg->rm_reply.rp_stat = IXDR_GET_ENUM(buf, enum_t); } else { __warnx(TIRPC_DEBUG_FLAG_RPC_MSG, "%s:%u non-INLINE", __func__, __LINE__); if (!xdr_getenum(xdrs, (enum_t *)&(dmsg->rm_reply.rp_stat))) { __warnx(TIRPC_DEBUG_FLAG_ERROR, "%s:%u ERROR rm_reply.rp_stat", __func__, __LINE__); return (false); } } switch (dmsg->rm_reply.rp_stat) { case MSG_ACCEPTED: { struct accepted_reply *ar = (struct accepted_reply *) &(dmsg->rm_reply.ru); if (!inline_auth_decode(xdrs, &ar->ar_verf, buf)) { __warnx(TIRPC_DEBUG_FLAG_ERROR, "%s:%u ERROR (return)", __func__, __LINE__); return (false); } if (!xdr_getenum(xdrs, (enum_t *)&(ar->ar_stat))) { __warnx(TIRPC_DEBUG_FLAG_ERROR, "%s:%u ERROR ar_stat", __func__, __LINE__); return (false); } switch (ar->ar_stat) { case SUCCESS: __warnx(TIRPC_DEBUG_FLAG_RPC_MSG, "%s:%u SUCCESS", __func__, __LINE__); return ((*(ar->ar_results.proc))(xdrs, &(ar->ar_results.where))); case PROG_MISMATCH: __warnx(TIRPC_DEBUG_FLAG_RPC_MSG, "%s:%u MISMATCH", __func__, __LINE__); if (!xdr_getuint32(xdrs, &(ar->ar_vers.low))) { __warnx(TIRPC_DEBUG_FLAG_ERROR, "%s:%u ERROR ar_vers.low", __func__, __LINE__); return (false); } if (!xdr_getuint32(xdrs, &(ar->ar_vers.high))) { __warnx(TIRPC_DEBUG_FLAG_ERROR, "%s:%u ERROR ar_vers.high", __func__, __LINE__); return (false); } case GARBAGE_ARGS: case SYSTEM_ERR: case PROC_UNAVAIL: case PROG_UNAVAIL: /* true */ break; default: break; }; /* ar_stat */ return (true); } /* MSG_ACCEPTED */ case MSG_DENIED: { /* XXX branch not verified */ struct rejected_reply *rr = (struct rejected_reply *) &(dmsg->rm_reply.ru); __warnx(TIRPC_DEBUG_FLAG_RPC_MSG, "%s:%u MSG_DENIED not verified", __func__, __LINE__); if (buf != NULL) { rr->rj_stat = IXDR_GET_ENUM(buf, enum_t); } else if (!xdr_getenum(xdrs, (enum_t *)&(rr->rj_stat))) { __warnx(TIRPC_DEBUG_FLAG_ERROR, "%s:%u ERROR rj_stat", __func__, __LINE__); return (false); } switch (rr->rj_stat) { case RPC_MISMATCH: __warnx(TIRPC_DEBUG_FLAG_RPC_MSG, "%s:%u DENIED MISMATCH", __func__, __LINE__); if (buf != NULL) { rr->rj_vers.low = IXDR_GET_U_INT32(buf); } else if (!xdr_getuint32(xdrs, &(rr->rj_vers.low))) { __warnx(TIRPC_DEBUG_FLAG_ERROR, "%s:%u ERROR rj_vers.low", __func__, __LINE__); return (false); } if (!xdr_getuint32(xdrs, &(rr->rj_vers.high))) { __warnx(TIRPC_DEBUG_FLAG_ERROR, "%s:%u ERROR rj_vers.high", __func__, __LINE__); return (false); } break; case AUTH_ERROR: __warnx(TIRPC_DEBUG_FLAG_RPC_MSG, "%s:%u DENIED AUTH", __func__, __LINE__); if (buf != NULL) { rr->rj_why = IXDR_GET_ENUM(buf, enum_t); } else if (!xdr_getenum(xdrs, (enum_t *)&(rr->rj_why))) { __warnx(TIRPC_DEBUG_FLAG_ERROR, "%s:%u ERROR rj_why", __func__, __LINE__); return (false); } break; }; return (true); } /* MSG_DENIED */ default: __warnx(TIRPC_DEBUG_FLAG_ERROR, "%s:%u ERROR dmsg->rm_reply.rp_stat %u", __func__, __LINE__, dmsg->rm_reply.rp_stat); break; }; /* rm_reply.rp_stat */ return (false); }