Пример #1
0
static void
get_kernel_supported_enctypes(void)
{
	FILE *s_e;
	int ret;
	char buffer[MYBUFLEN + 1];

	memset(buffer, '\0', sizeof(buffer));

	s_e = fopen(supported_enctypes_filename, "r");
	if (s_e == NULL)
		goto out_clean_parsed;

	ret = fread(buffer, 1, MYBUFLEN, s_e);
	if (ret < 0) {
		fclose(s_e);
		goto out_clean_parsed;
	}
	fclose(s_e);
	if (parse_enctypes(buffer)) {
		goto out_clean_parsed;
	}
out:
	return;

out_clean_parsed:
	if (parsed_enctypes != NULL) {
		free(parsed_enctypes);
		parsed_num_enctypes = 0;
	}
	goto out;
}
Пример #2
0
void
handle_gssd_upcall(struct clnt_info *clp)
{
	uid_t			uid;
	char			lbuf[RPC_CHAN_BUF_SIZE];
	int			lbuflen = 0;
	char			*p;
	char			*mech = NULL;
	char			*uidstr = NULL;
	char			*target = NULL;
	char			*service = NULL;
	char			*enctypes = NULL;

	lbuflen = read(clp->gssd_fd, lbuf, sizeof(lbuf));
	if (lbuflen <= 0 || lbuf[lbuflen-1] != '\n') {
		printerr(0, "WARNING: handle_gssd_upcall: "
			    "failed reading request\n");
		return;
	}
	lbuf[lbuflen-1] = 0;

	printerr(2, "\n%s: '%s' (%s)\n", __func__, lbuf, clp->relpath);

	for (p = strtok(lbuf, " "); p; p = strtok(NULL, " ")) {
		if (!strncmp(p, "mech=", strlen("mech=")))
			mech = p + strlen("mech=");
		else if (!strncmp(p, "uid=", strlen("uid=")))
			uidstr = p + strlen("uid=");
		else if (!strncmp(p, "enctypes=", strlen("enctypes=")))
			enctypes = p + strlen("enctypes=");
		else if (!strncmp(p, "target=", strlen("target=")))
			target = p + strlen("target=");
		else if (!strncmp(p, "service=", strlen("service=")))
			service = p + strlen("service=");
	}

	if (!mech || strlen(mech) < 1) {
		printerr(0, "WARNING: handle_gssd_upcall: "
			    "failed to find gss mechanism name "
			    "in upcall string '%s'\n", lbuf);
		return;
	}

	if (uidstr) {
		uid = (uid_t)strtol(uidstr, &p, 10);
		if (p == uidstr || *p != '\0')
			uidstr = NULL;
	}

	if (!uidstr) {
		printerr(0, "WARNING: handle_gssd_upcall: "
			    "failed to find uid "
			    "in upcall string '%s'\n", lbuf);
		return;
	}

	if (enctypes && parse_enctypes(enctypes) != 0) {
		printerr(0, "WARNING: handle_gssd_upcall: "
			 "parsing encryption types failed: errno %d\n", errno);
		return;
	}

	if (target && strlen(target) < 1) {
		printerr(0, "WARNING: handle_gssd_upcall: "
			 "failed to parse target name "
			 "in upcall string '%s'\n", lbuf);
		return;
	}

	/*
	 * The presence of attribute "service=" indicates that machine
	 * credentials should be used for this request.  If the value
	 * is "*", then any machine credentials available can be used.
	 * If the value is anything else, then machine credentials for
	 * the specified service name (always "nfs" for now) should be
	 * used.
	 */
	if (service && strlen(service) < 1) {
		printerr(0, "WARNING: handle_gssd_upcall: "
			 "failed to parse service type "
			 "in upcall string '%s'\n", lbuf);
		return;
	}

	if (strcmp(mech, "krb5") == 0 && clp->servername)
		process_krb5_upcall(clp, uid, clp->gssd_fd, target, service);
	else {
		if (clp->servername)
			printerr(0, "WARNING: handle_gssd_upcall: "
				 "received unknown gss mech '%s'\n", mech);
		do_error_downcall(clp->gssd_fd, uid, -EACCES);
	}
}