/*
 * Process the verifier that came back with a reply.
 *
 * Only an AUTH_SHORT verifier changes the handle: its body is decoded as
 * an opaque_auth into au_shcred and, if that succeeds, au_shcred becomes
 * auth->ah_cred.  If decoding fails, the partial result is released and
 * auth->ah_cred is reset to the original credential.  Every other flavor
 * leaves the handle untouched.  Always returns TRUE.
 *
 * The verifier content comes from the peer.  This function trusts
 * verf->oa_base / verf->oa_length to describe a readable buffer.
 * NOTE(review): presumably whoever decoded the reply has already bounded
 * oa_length -- confirm against the caller.
 */
static bool_t
authunix_validate(AUTH *auth, struct opaque_auth *verf)
{
	struct audata *au;
	XDR xdrs;

	_DIAGASSERT(auth != NULL);
	_DIAGASSERT(verf != NULL);

	/* Nothing to do unless the server handed back a short-hand cred. */
	if (verf->oa_flavor != AUTH_SHORT)
		return (TRUE);

	au = AUTH_PRIVATE(auth);
	xdrmem_create(&xdrs, verf->oa_base, verf->oa_length, XDR_DECODE);

	/* Release the previous short credential before decoding a new one. */
	if (au->au_shcred.oa_base != NULL) {
		mem_free(au->au_shcred.oa_base, au->au_shcred.oa_length);
		au->au_shcred.oa_base = NULL;
	}

	if (!xdr_opaque_auth(&xdrs, &au->au_shcred)) {
		/*
		 * Decode failed: let XDR_FREE release anything it allocated,
		 * clear the pointer so it is not freed twice, and fall back
		 * to the original credential.
		 */
		xdrs.x_op = XDR_FREE;
		(void)xdr_opaque_auth(&xdrs, &au->au_shcred);
		au->au_shcred.oa_base = NULL;
		auth->ah_cred = au->au_origcred;
	} else {
		auth->ah_cred = au->au_shcred;
	}

	/* ah_cred changed; marshal_new_auth() is defined outside this block. */
	marshal_new_auth(auth);
	return (TRUE);
}
/*
 * Create a unix style authenticator.
 *
 * Fills an authunix_parms from the arguments, stamps it with the current
 * CLOCK_MONOTONIC_FAST seconds, XDR-encodes it into au_origcred and
 * installs that as auth->ah_cred.
 *
 * Returns the auth handle.  If encoding fails the handle is still
 * returned, with ah_error.re_status set to RPC_CANTENCODEARGS and ah_cred
 * never assigned, so callers have to check ah_error.re_status before
 * using it.
 *
 * machname, uid, gid and the group list are taken from the caller as
 * given; nothing in this function checks them against the identity of
 * the calling process.
 *
 * NOTE(review): the mem_alloc() result is used without a NULL check;
 * presumably this allocator never returns NULL -- confirm.
 */
AUTH *
authunix_ncreate(char *machname, uid_t uid, gid_t gid, int len,
		 gid_t *aup_gids)
{
	struct audata *au = mem_alloc(sizeof(*au));
	AUTH *auth = &au->au_auth;
	struct authunix_parms aup;
	struct timespec ts;
	XDR xdrs;

	/* Initialise the handle embedded in the private data. */
	auth->ah_ops = authunix_ops();
	auth->ah_private = NULL;
	auth->ah_error.re_status = RPC_SUCCESS;
	au->au_shcred = _null_auth;
	auth->ah_verf = au->au_shcred;
	auth->ah_refcnt = 1;
	au->au_shfaults = 0;

	/* Collect the caller's parameters into the wire structure. */
	(void)clock_gettime(CLOCK_MONOTONIC_FAST, &ts);
	aup.aup_time = ts.tv_sec;
	aup.aup_machname = machname;
	aup.aup_uid = uid;
	aup.aup_gid = gid;
	aup.aup_len = (u_int) len;
	aup.aup_gids = aup_gids;

	/* Encode straight into the original credential body. */
	xdrmem_create(&xdrs, au->au_origcred.oa_body, MAX_AUTH_BYTES,
		      XDR_ENCODE);
	if (!xdr_authunix_parms(&xdrs, &aup)) {
		__warnx(TIRPC_DEBUG_FLAG_AUTH, "%s: %s", __func__,
			clnt_sperrno(RPC_CANTENCODEARGS));
		auth->ah_error.re_status = RPC_CANTENCODEARGS;
		return (auth);
	}
	len = XDR_GETPOS(&xdrs);
	au->au_origcred.oa_length = len;
	au->au_origcred.oa_flavor = AUTH_UNIX;

	/* Make the handle use the freshly encoded credential. */
	auth->ah_cred = au->au_origcred;
	/* auth_get not needed:  ah_refcnt == 1, as desired */
	marshal_new_auth(auth);
	return (auth);
}
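/*
 * Try to recover after the current credential was not accepted.
 *
 * If auth->ah_cred is already byte-identical to the original credential
 * there is nothing left to try and false is returned.  Otherwise the
 * refresh is counted in au_shfaults, the original credential is decoded,
 * its time stamp is replaced with the current CLOCK_MONOTONIC_FAST
 * seconds, it is re-encoded in place, and it is installed as
 * auth->ah_cred.
 *
 * Returns the result of the last XDR step that ran (non-zero on success).
 * The dummy argument is not used.
 *
 * NOTE(review): the memcmp() covers the whole struct opaque_auth, so any
 * padding or bytes past oa_length take part in the comparison -- confirm
 * both copies are always produced the same way.
 * NOTE(review): oa_length is not updated after the re-encode; presumably
 * changing only aup_time cannot change the encoded size -- confirm.
 */
static bool
authunix_refresh(AUTH *auth, void *dummy)
{
	struct audata *au;
	struct authunix_parms aup;
	struct timespec now;
	XDR xdrs;
	int stat;

	/* Check the handle before AUTH_PRIVATE() derives anything from it. */
	assert(auth != NULL);
	au = AUTH_PRIVATE(auth);

	if (memcmp(&auth->ah_cred, &au->au_origcred,
		   sizeof(struct opaque_auth)) == 0) {
		/* there is no hope.  Punt */
		return (false);
	}
	au->au_shfaults++;

	/*
	 * First deserialize the creds back into a struct authunix_parms.
	 * The pointers start out NULL so the XDR_FREE pass at done: is safe
	 * even when decoding stops early.
	 */
	aup.aup_machname = NULL;
	aup.aup_gids = NULL;
	xdrmem_create(&xdrs, au->au_origcred.oa_body,
		      au->au_origcred.oa_length, XDR_DECODE);
	stat = xdr_authunix_parms(&xdrs, &aup);
	if (!stat)
		goto done;

	/* update the time and serialize in place */
	(void)clock_gettime(CLOCK_MONOTONIC_FAST, &now);
	aup.aup_time = now.tv_sec;
	xdrs.x_op = XDR_ENCODE;
	XDR_SETPOS(&xdrs, 0);
	stat = xdr_authunix_parms(&xdrs, &aup);
	if (!stat)
		goto done;
	auth->ah_cred = au->au_origcred;
	marshal_new_auth(auth);
 done:
	/* free the struct authunix_parms created by deserializing */
	xdrs.x_op = XDR_FREE;
	(void)xdr_authunix_parms(&xdrs, &aup);
	XDR_DESTROY(&xdrs);
	return (stat);
}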
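/*
 * Try to recover after the current credential was not accepted.
 *
 * If auth->ah_cred already points at the original credential's buffer
 * there is nothing left to try and FALSE is returned.  Otherwise the
 * refresh is counted in au_shfaults, the original credential is decoded,
 * its time stamp is replaced with the current time of day, it is
 * re-encoded in place, and it is installed as auth->ah_cred.
 *
 * Returns the result of the last XDR step that ran (non-zero on success).
 *
 * NOTE(review): oa_length is not updated after the re-encode; presumably
 * changing only aup_time cannot change the encoded size -- confirm.
 */
static bool_t
authunix_refresh(AUTH *auth)
{
	struct audata *au;
	struct authunix_parms aup;
	struct timeval now;
	XDR xdrs;
	int stat;

	/*
	 * Check the handle before AUTH_PRIVATE() touches it; the macro is
	 * defined outside this block and presumably reads auth->ah_private.
	 */
	_DIAGASSERT(auth != NULL);
	au = AUTH_PRIVATE(auth);

	if (auth->ah_cred.oa_base == au->au_origcred.oa_base) {
		/* there is no hope.  Punt */
		return (FALSE);
	}
	au->au_shfaults++;

	/*
	 * First deserialize the creds back into a struct authunix_parms.
	 * The pointers start out NULL so the XDR_FREE pass at done: is safe
	 * even when decoding stops early.
	 */
	aup.aup_machname = NULL;
	aup.aup_gids = NULL;
	xdrmem_create(&xdrs, au->au_origcred.oa_base,
	    au->au_origcred.oa_length, XDR_DECODE);
	stat = xdr_authunix_parms(&xdrs, &aup);
	if (!stat)
		goto done;

	/* update the time and serialize in place */
	(void)gettimeofday(&now, NULL);
	aup.aup_time = (u_long)now.tv_sec;	/* XXX: truncate on 32 bit */
	xdrs.x_op = XDR_ENCODE;
	XDR_SETPOS(&xdrs, 0);
	stat = xdr_authunix_parms(&xdrs, &aup);
	if (!stat)
		goto done;
	auth->ah_cred = au->au_origcred;
	marshal_new_auth(auth);
done:
	/* free the struct authunix_parms created by deserializing */
	xdrs.x_op = XDR_FREE;
	(void)xdr_authunix_parms(&xdrs, &aup);
	XDR_DESTROY(&xdrs);
	return (stat);
}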
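/*
 * Process the verifier that came back with a reply.
 *
 * Only an AUTH_SHORT verifier changes the handle: its body is decoded
 * into au_shcred and, if that succeeds, au_shcred becomes auth->ah_cred;
 * otherwise auth->ah_cred is reset to the original credential.  Every
 * other flavor leaves the handle untouched.  Always returns true.
 *
 * The verifier content comes from the peer, and verf->oa_length sets the
 * size of the decode window over verf->oa_body.
 * NOTE(review): presumably whoever decoded the reply has already bounded
 * oa_length to the size of oa_body -- confirm against the caller.
 */
static bool
authunix_validate(AUTH *auth, struct opaque_auth *verf)
{
	struct audata *au;
	XDR xdrs;

	/* Check both pointers before AUTH_PRIVATE() derives anything. */
	assert(auth != NULL);
	assert(verf != NULL);
	au = AUTH_PRIVATE(auth);

	if (verf->oa_flavor == AUTH_SHORT) {
		xdrmem_create(&xdrs, verf->oa_body, verf->oa_length,
			      XDR_DECODE);

		if (xdr_opaque_auth_decode(&xdrs, &au->au_shcred, NULL)) {
			auth->ah_cred = au->au_shcred;
		} else {
			/* Undecodable short cred: go back to the original. */
			auth->ah_cred = au->au_origcred;
		}
		marshal_new_auth(auth);
	}
	return (true);
}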
/*
 * Create a unix style authenticator.
 *
 * Fills an authunix_parms from the arguments, stamps it with the current
 * time of day, XDR-encodes it into a stack buffer and copies the encoded
 * bytes into a newly allocated au_origcred.oa_base, which is then
 * installed as auth->ah_cred.
 *
 * Returns the new auth handle.  Outside KERNEL builds, NULL is returned
 * when an allocation fails.  In KERNEL builds the allocation results are
 * not checked.  An encoding failure calls abort() in either build, so
 * callers must pass arguments that xdr_authunix_parms() can encode.
 *
 * machname, uid, gid and the group list are taken from the caller as
 * given; nothing in this function checks them against the identity of
 * the calling process.
 */
AUTH *
authunix_create(char *machname, int uid, int gid, int len, int *aup_gids)
{
	struct authunix_parms aup;
	char encoded[MAX_AUTH_BYTES];
	struct timeval tv;
	XDR xdrs;
	AUTH *auth;
	struct audata *au = NULL;

	/*
	 * Allocate and set up auth handle
	 */
	auth = mem_alloc(sizeof(*auth));
#ifndef KERNEL
	if (auth == NULL) {
		warnx("authunix_create: out of memory");
		goto out_of_memory;
	}
#endif
	au = mem_alloc(sizeof(*au));
#ifndef KERNEL
	if (au == NULL) {
		warnx("authunix_create: out of memory");
		goto out_of_memory;
	}
#endif
	auth->ah_ops = authunix_ops();
	auth->ah_private = au;
	au->au_shcred = _null_auth;
	auth->ah_verf = au->au_shcred;
	au->au_shfaults = 0;
	/* Lets the cleanup path tell whether the credential was allocated. */
	au->au_origcred.oa_base = NULL;

	/*
	 * fill in param struct from the given params
	 */
	(void)gettimeofday(&tv, NULL);
	aup.aup_time = (u_long)tv.tv_sec;	/* XXX: truncate on 32 bit */
	aup.aup_machname = machname;
	aup.aup_uid = uid;
	aup.aup_gid = gid;
	aup.aup_len = (u_int)len;
	aup.aup_gids = aup_gids;

	/*
	 * Serialize the parameters into origcred
	 */
	xdrmem_create(&xdrs, encoded, MAX_AUTH_BYTES, XDR_ENCODE);
	if (!xdr_authunix_parms(&xdrs, &aup))
		abort();
	/* From here on len is the encoded size, not the group count. */
	len = XDR_GETPOS(&xdrs);
	au->au_origcred.oa_length = len;
	au->au_origcred.oa_flavor = AUTH_UNIX;
	au->au_origcred.oa_base = mem_alloc((size_t)len);
#ifndef KERNEL
	if (au->au_origcred.oa_base == NULL) {
		warnx("authunix_create: out of memory");
		goto out_of_memory;
	}
#endif
	memmove(au->au_origcred.oa_base, encoded, (size_t)len);

	/*
	 * set auth handle to reflect new cred.
	 */
	auth->ah_cred = au->au_origcred;
	marshal_new_auth(auth);
	return (auth);
#ifndef KERNEL
out_of_memory:
	/* Release whatever was allocated before the failure. */
	if (auth != NULL)
		mem_free(auth, sizeof(*auth));
	if (au != NULL) {
		if (au->au_origcred.oa_base != NULL)
			mem_free(au->au_origcred.oa_base, (u_int)len);
		mem_free(au, sizeof(*au));
	}
	return (NULL);
#endif
}
/*
 * Create a unix style authenticator.
 *
 * Fills an authunix_parms from the arguments, stamps it with the current
 * time of day, XDR-encodes it into a stack buffer and copies the encoded
 * bytes into a newly allocated au_origcred.oa_base, which is then
 * installed as auth->ah_cred.
 *
 * Returns the new auth handle, or NULL when encoding fails or (outside
 * KERNEL builds) when an allocation fails.  In KERNEL builds the
 * allocation results are not checked.
 *
 * machname, uid, gid and the group list are taken from the caller as
 * given; nothing in this function checks them against the identity of
 * the calling process.
 *
 * NOTE(review): memory obtained with mem_alloc() is released with free()
 * on the failure paths; this assumes mem_alloc() is malloc-compatible in
 * this build -- confirm.
 */
AUTH *
authunix_create(char *machname, int uid, int gid, int len, int *aup_gids)
{
	struct authunix_parms aup;
	char encoded[MAX_AUTH_BYTES];
	struct timeval tv;
	XDR xdrs;
	AUTH *auth;
	struct audata *au;

	/*
	 * Allocate and set up auth handle
	 */
	auth = (AUTH *)mem_alloc(sizeof(*auth));
#ifndef KERNEL
	if (auth == NULL) {
		(void)fprintf(stderr, "authunix_create: out of memory\n");
		return (NULL);
	}
#endif
	au = (struct audata *)mem_alloc(sizeof(*au));
#ifndef KERNEL
	if (au == NULL) {
		(void)fprintf(stderr, "authunix_create: out of memory\n");
		free(auth);
		return (NULL);
	}
#endif
	auth->ah_ops = &auth_unix_ops;
	auth->ah_private = (caddr_t)au;
	au->au_shcred = _null_auth;
	auth->ah_verf = au->au_shcred;
	au->au_shfaults = 0;

	/*
	 * fill in param struct from the given params
	 */
	(void)gettimeofday(&tv, NULL);
	aup.aup_time = tv.tv_sec;
	aup.aup_machname = machname;
	aup.aup_uid = uid;
	aup.aup_gid = gid;
	aup.aup_len = (u_int)len;
	aup.aup_gids = aup_gids;

	/*
	 * Serialize the parameters into origcred
	 */
	xdrmem_create(&xdrs, encoded, MAX_AUTH_BYTES, XDR_ENCODE);
	if (!xdr_authunix_parms(&xdrs, &aup))
		goto authfail;
	/* From here on len is the encoded size, not the group count. */
	len = XDR_GETPOS(&xdrs);
	au->au_origcred.oa_length = len;
	au->au_origcred.oa_flavor = AUTH_UNIX;
	au->au_origcred.oa_base = mem_alloc((u_int) len);
#ifndef KERNEL
	if (au->au_origcred.oa_base == NULL) {
		(void)fprintf(stderr, "authunix_create: out of memory\n");
		goto authfail;
	}
#endif
	memcpy(au->au_origcred.oa_base, encoded, (u_int)len);

	/*
	 * set auth handle to reflect new cred.
	 */
	auth->ah_cred = au->au_origcred;
	marshal_new_auth(auth);
	return (auth);

authfail:
	/* oa_base has not been allocated on any path that reaches here. */
	XDR_DESTROY(&xdrs);
	free(au);
	free(auth);
	return (NULL);
}