Commit | Line | Data |
---|---|---|
ad787160 C |
1 | #if defined(LIBC_SCCS) && !defined(lint) |
2 | static char sccsid[] = "@(#)whoami_proc.c 2.3 89/07/11 4.0 RPCSRC"; | |
3 | #endif | |
4 | /* | |
5 | * whoami_proc.c: secure identity verifier and reporter: server proc | |
6 | */ | |
7 | #include <sys/param.h> | |
8 | #include <rpc/rpc.h> | |
9 | #include <rpc/key_prot.h> | |
10 | #include <pwd.h> | |
11 | #include "whoami.h" | |
12 | ||
13 | extern char *strcpy(); | |
14 | ||
15 | /* | |
16 | * Report on the server's notion of the client's identity. | |
17 | */ | |
18 | remote_identity * | |
19 | whoami_iask_1(nullarg, rqstp) | |
20 | void *nullarg; | |
21 | struct svc_req *rqstp; | |
22 | { | |
23 | static remote_identity whoisthem; | |
24 | static char username[MAXNETNAMELEN+1]; | |
25 | static char realname[MAXNETNAMELEN+1]; /* really gecos field */ | |
26 | static int grouplist[NGROUPS]; | |
27 | char publickey[HEXKEYBYTES+1]; | |
28 | ||
29 | struct authdes_cred *des_cred; | |
30 | struct passwd *pwdent; | |
31 | ||
32 | switch (rqstp->rq_cred.oa_flavor) | |
33 | { | |
34 | case AUTH_DES: | |
35 | whoisthem.remote_username = username; | |
36 | whoisthem.remote_realname = realname; | |
37 | whoisthem.gids.gids_val = grouplist; | |
38 | des_cred = (struct authdes_cred *) rqstp->rq_clntcred; | |
39 | /* | |
40 | * Check to see if the netname being used is in the public key | |
41 | * database (if not, reject this (potential) imposter). | |
42 | */ | |
43 | if (! getpublickey(des_cred->adc_fullname.name, publickey)) | |
44 | { | |
45 | svcerr_weakauth(rqstp->rq_xprt); | |
46 | return(NULL); | |
47 | } | |
48 | /* | |
49 | * Get the info that the client wants. | |
50 | */ | |
51 | if (! netname2user(des_cred->adc_fullname.name, &whoisthem.uid, | |
52 | &whoisthem.gid, &whoisthem.gids.gids_len, | |
53 | whoisthem.gids.gids_val)) | |
54 | { /* netname not found */ | |
55 | whoisthem.authenticated = FALSE; | |
56 | strcpy(whoisthem.remote_username, "nobody"); | |
57 | strcpy(whoisthem.remote_realname, "INTERLOPER!"); | |
58 | whoisthem.uid = -2; | |
59 | whoisthem.gid = -2; | |
60 | whoisthem.gids.gids_len = 0; | |
61 | return(&whoisthem); | |
62 | } | |
63 | /* else we found the netname */ | |
64 | whoisthem.authenticated = TRUE; | |
65 | pwdent = getpwuid(whoisthem.uid); | |
66 | strcpy(whoisthem.remote_username, pwdent->pw_name); | |
67 | strcpy(whoisthem.remote_realname, pwdent->pw_gecos); | |
68 | return(&whoisthem); | |
69 | break; | |
70 | case AUTH_UNIX: | |
71 | case AUTH_NULL: | |
72 | default: | |
73 | svcerr_weakauth(rqstp->rq_xprt); | |
74 | return(NULL); | |
75 | } | |
76 | } | |
77 | ||
78 | /* | |
79 | * Return server's netname. AUTH_NONE is valid. | |
80 | * This routine allows this server to be started under any uid, | |
81 | * and the client can ask us our netname for use in authdes_create(). | |
82 | */ | |
83 | name * | |
84 | whoami_whoru_1(nullarg, rqstp) | |
85 | void *nullarg; | |
86 | struct svc_req *rqstp; | |
87 | { | |
88 | static name whoru; | |
89 | static char servername[MAXNETNAMELEN+1]; | |
90 | ||
91 | whoru = servername; | |
92 | getnetname(servername); | |
93 | ||
94 | return(&whoru); | |
95 | } |