static bool_t
authunix_validate(AUTH *auth, struct opaque_auth *verf)
{
struct audata *au;
XDR xdrs;
_DIAGASSERT(auth != NULL);
_DIAGASSERT(verf != NULL);
if (verf->oa_flavor == AUTH_SHORT) {
au = AUTH_PRIVATE(auth);
xdrmem_create(&xdrs, verf->oa_base, verf->oa_length,
XDR_DECODE);
if (au->au_shcred.oa_base != NULL) {
mem_free(au->au_shcred.oa_base,
au->au_shcred.oa_length);
au->au_shcred.oa_base = NULL;
}
if (xdr_opaque_auth(&xdrs, &au->au_shcred)) {
auth->ah_cred = au->au_shcred;
} else {
xdrs.x_op = XDR_FREE;
(void)xdr_opaque_auth(&xdrs, &au->au_shcred);
au->au_shcred.oa_base = NULL;
auth->ah_cred = au->au_origcred;
}
marshal_new_auth(auth);
}
return (TRUE);
}
/*
* Create a unix style authenticator.
* Returns an auth handle with the given stuff in it.
*/
AUTH *
authunix_ncreate(char *machname, uid_t uid, gid_t gid, int len,
gid_t *aup_gids)
{
struct audata *au = mem_alloc(sizeof(*au));
AUTH *auth = &au->au_auth;
struct authunix_parms aup;
struct timespec now;
XDR xdrs;
/*
* Allocate and set up auth handle
*/
auth->ah_ops = authunix_ops();
auth->ah_private = NULL;
auth->ah_error.re_status = RPC_SUCCESS;
auth->ah_verf = au->au_shcred = _null_auth;
auth->ah_refcnt = 1;
au->au_shfaults = 0;
/*
* fill in param struct from the given params
*/
(void)clock_gettime(CLOCK_MONOTONIC_FAST, &now);
aup.aup_time = now.tv_sec;
aup.aup_machname = machname;
aup.aup_uid = uid;
aup.aup_gid = gid;
aup.aup_len = (u_int) len;
aup.aup_gids = aup_gids;
/*
* Serialize the parameters into origcred
*/
xdrmem_create(&xdrs, au->au_origcred.oa_body, MAX_AUTH_BYTES,
XDR_ENCODE);
if (!xdr_authunix_parms(&xdrs, &aup)) {
__warnx(TIRPC_DEBUG_FLAG_AUTH, "%s: %s",
__func__, clnt_sperrno(RPC_CANTENCODEARGS));
auth->ah_error.re_status = RPC_CANTENCODEARGS;
return (auth);
}
au->au_origcred.oa_length = len = XDR_GETPOS(&xdrs);
au->au_origcred.oa_flavor = AUTH_UNIX;
/*
* set auth handle to reflect new cred.
*/
auth->ah_cred = au->au_origcred;
/* auth_get not needed: ah_refcnt == 1, as desired */
marshal_new_auth(auth);
/* */
return (auth);
}
static bool
authunix_refresh(AUTH *auth, void *dummy)
{
struct audata *au = AUTH_PRIVATE(auth);
struct authunix_parms aup;
struct timespec now;
XDR xdrs;
int stat;
assert(auth != NULL);
if (memcmp(&auth->ah_cred, &au->au_origcred, sizeof(struct opaque_auth))
== 0) {
/* there is no hope. Punt */
return (false);
}
au->au_shfaults++;
/* first deserialize the creds back into a struct authunix_parms */
aup.aup_machname = NULL;
aup.aup_gids = NULL;
xdrmem_create(&xdrs, au->au_origcred.oa_body, au->au_origcred.oa_length,
XDR_DECODE);
stat = xdr_authunix_parms(&xdrs, &aup);
if (!stat)
goto done;
/* update the time and serialize in place */
(void)clock_gettime(CLOCK_MONOTONIC_FAST, &now);
aup.aup_time = now.tv_sec;
xdrs.x_op = XDR_ENCODE;
XDR_SETPOS(&xdrs, 0);
stat = xdr_authunix_parms(&xdrs, &aup);
if (!stat)
goto done;
auth->ah_cred = au->au_origcred;
marshal_new_auth(auth);
done:
/* free the struct authunix_parms created by deserializing */
xdrs.x_op = XDR_FREE;
(void)xdr_authunix_parms(&xdrs, &aup);
XDR_DESTROY(&xdrs);
return (stat);
}
static bool_t
authunix_refresh(AUTH *auth)
{
struct audata *au = AUTH_PRIVATE(auth);
struct authunix_parms aup;
struct timeval now;
XDR xdrs;
int stat;
_DIAGASSERT(auth != NULL);
if (auth->ah_cred.oa_base == au->au_origcred.oa_base) {
/* there is no hope. Punt */
return (FALSE);
}
au->au_shfaults++;
/* first deserialize the creds back into a struct authunix_parms */
aup.aup_machname = NULL;
aup.aup_gids = NULL;
xdrmem_create(&xdrs, au->au_origcred.oa_base,
au->au_origcred.oa_length, XDR_DECODE);
stat = xdr_authunix_parms(&xdrs, &aup);
if (! stat)
goto done;
/* update the time and serialize in place */
(void)gettimeofday(&now, NULL);
aup.aup_time = (u_long)now.tv_sec; /* XXX: truncate on 32 bit */
xdrs.x_op = XDR_ENCODE;
XDR_SETPOS(&xdrs, 0);
stat = xdr_authunix_parms(&xdrs, &aup);
if (! stat)
goto done;
auth->ah_cred = au->au_origcred;
marshal_new_auth(auth);
done:
/* free the struct authunix_parms created by deserializing */
xdrs.x_op = XDR_FREE;
(void)xdr_authunix_parms(&xdrs, &aup);
XDR_DESTROY(&xdrs);
return (stat);
}
static bool
authunix_validate(AUTH *auth, struct opaque_auth *verf)
{
struct audata *au = AUTH_PRIVATE(auth);
XDR xdrs;
assert(auth != NULL);
assert(verf != NULL);
if (verf->oa_flavor == AUTH_SHORT) {
xdrmem_create(&xdrs, verf->oa_body, verf->oa_length,
XDR_DECODE);
if (xdr_opaque_auth_decode(&xdrs, &au->au_shcred, NULL)) {
auth->ah_cred = au->au_shcred;
} else {
auth->ah_cred = au->au_origcred;
}
marshal_new_auth(auth);
}
return (true);
}
/*
* Create a unix style authenticator.
* Returns an auth handle with the given stuff in it.
*/
AUTH *
authunix_create(char *machname, int uid, int gid, int len, int *aup_gids)
{
struct authunix_parms aup;
char mymem[MAX_AUTH_BYTES];
struct timeval now;
XDR xdrs;
AUTH *auth;
struct audata *au;
/*
* Allocate and set up auth handle
*/
au = NULL;
auth = mem_alloc(sizeof(*auth));
#ifndef KERNEL
if (auth == NULL) {
warnx("authunix_create: out of memory");
goto cleanup_authunix_create;
}
#endif
au = mem_alloc(sizeof(*au));
#ifndef KERNEL
if (au == NULL) {
warnx("authunix_create: out of memory");
goto cleanup_authunix_create;
}
#endif
auth->ah_ops = authunix_ops();
auth->ah_private = au;
auth->ah_verf = au->au_shcred = _null_auth;
au->au_shfaults = 0;
au->au_origcred.oa_base = NULL;
/*
* fill in param struct from the given params
*/
(void)gettimeofday(&now, NULL);
aup.aup_time = (u_long)now.tv_sec; /* XXX: truncate on 32 bit */
aup.aup_machname = machname;
aup.aup_uid = uid;
aup.aup_gid = gid;
aup.aup_len = (u_int)len;
aup.aup_gids = aup_gids;
/*
* Serialize the parameters into origcred
*/
xdrmem_create(&xdrs, mymem, MAX_AUTH_BYTES, XDR_ENCODE);
if (! xdr_authunix_parms(&xdrs, &aup))
abort();
au->au_origcred.oa_length = len = XDR_GETPOS(&xdrs);
au->au_origcred.oa_flavor = AUTH_UNIX;
#ifdef KERNEL
au->au_origcred.oa_base = mem_alloc((size_t)len);
#else
if ((au->au_origcred.oa_base = mem_alloc((size_t)len)) == NULL) {
warnx("authunix_create: out of memory");
goto cleanup_authunix_create;
}
#endif
memmove(au->au_origcred.oa_base, mymem, (size_t)len);
/*
* set auth handle to reflect new cred.
*/
auth->ah_cred = au->au_origcred;
marshal_new_auth(auth);
return (auth);
#ifndef KERNEL
cleanup_authunix_create:
if (auth)
mem_free(auth, sizeof(*auth));
if (au) {
if (au->au_origcred.oa_base)
mem_free(au->au_origcred.oa_base, (u_int)len);
mem_free(au, sizeof(*au));
}
return (NULL);
#endif
}
/*
* Create a unix style authenticator.
* Returns an auth handle with the given stuff in it.
*/
AUTH *
authunix_create(char *machname, int uid, int gid, int len, int *aup_gids)
{
struct authunix_parms aup;
char mymem[MAX_AUTH_BYTES];
struct timeval now;
XDR xdrs;
AUTH *auth;
struct audata *au;
/*
* Allocate and set up auth handle
*/
auth = (AUTH *)mem_alloc(sizeof(*auth));
#ifndef KERNEL
if (auth == NULL) {
(void)fprintf(stderr, "authunix_create: out of memory\n");
return (NULL);
}
#endif
au = (struct audata *)mem_alloc(sizeof(*au));
#ifndef KERNEL
if (au == NULL) {
(void)fprintf(stderr, "authunix_create: out of memory\n");
free(auth);
return (NULL);
}
#endif
auth->ah_ops = &auth_unix_ops;
auth->ah_private = (caddr_t)au;
auth->ah_verf = au->au_shcred = _null_auth;
au->au_shfaults = 0;
/*
* fill in param struct from the given params
*/
(void)gettimeofday(&now, NULL);
aup.aup_time = now.tv_sec;
aup.aup_machname = machname;
aup.aup_uid = uid;
aup.aup_gid = gid;
aup.aup_len = (u_int)len;
aup.aup_gids = aup_gids;
/*
* Serialize the parameters into origcred
*/
xdrmem_create(&xdrs, mymem, MAX_AUTH_BYTES, XDR_ENCODE);
if (!xdr_authunix_parms(&xdrs, &aup))
goto authfail;
au->au_origcred.oa_length = len = XDR_GETPOS(&xdrs);
au->au_origcred.oa_flavor = AUTH_UNIX;
#ifdef KERNEL
au->au_origcred.oa_base = mem_alloc((u_int) len);
#else
if ((au->au_origcred.oa_base = mem_alloc((u_int) len)) == NULL) {
(void)fprintf(stderr, "authunix_create: out of memory\n");
goto authfail;
}
#endif
memcpy(au->au_origcred.oa_base, mymem, (u_int)len);
/*
* set auth handle to reflect new cred.
*/
auth->ah_cred = au->au_origcred;
marshal_new_auth(auth);
return (auth);
authfail:
XDR_DESTROY(&xdrs);
free(au);
free(auth);
return (NULL);
}
