* Sun RPC is a product of Sun Microsystems, Inc. and is provided for
* unrestricted use provided that this legend is included on all tape
* media and as a part of the software program in whole or part. Users
* may copy or modify Sun RPC without charge, but are not authorized
* to license or distribute it to anyone else except as part of a product or
* program developed by the user.
* SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
* WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
* PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
* Sun RPC is provided with no support and without any obligation on the
* part of Sun Microsystems, Inc. to assist in its use, correction,
* modification or enhancement.
* SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
* INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
* In no event will Sun Microsystems, Inc. be liable for any lost revenue
* or profits or other special, indirect and consequential damages, even if
* Sun has been advised of the possibility of such damages.
* Mountain View, California 94043
#if defined(LIBC_SCCS) && !defined(lint)
/*static char *sccsid = "from: @(#)auth_unix.c 1.19 87/08/11 Copyr 1984 Sun Micro";*/
/*static char *sccsid = "from: @(#)auth_unix.c 2.2 88/08/01 4.0 RPCSRC";*/
static char *rcsid
= "$Id: auth_unix.c,v 1.4 1993/08/26 00:53:11 jtc Exp $";
* auth_unix.c, Implements UNIX style authentication parameters.
* Copyright (C) 1984, Sun Microsystems, Inc.
* The system is very weak. The client uses no encryption for it's
* credentials and only sends null verifiers. The server sends backs
* null verifiers or optionally a verifier that suggests a new short hand
#include <rpc/auth_unix.h>
* Unix authenticator operations vector
static void authunix_nextverf();
static bool_t
authunix_marshal();
static bool_t
authunix_validate();
static bool_t
authunix_refresh();
static void authunix_destroy();
static struct auth_ops auth_unix_ops
= {
* This struct is pointed to by the ah_private field of an auth_handle.
struct opaque_auth au_origcred
; /* original credentials */
struct opaque_auth au_shcred
; /* short hand cred */
u_long au_shfaults
; /* short hand cache faults */
char au_marshed
[MAX_AUTH_BYTES
];
u_int au_mpos
; /* xdr pos at end of marshed */
#define AUTH_PRIVATE(auth) ((struct audata *)auth->ah_private)
static bool_t
marshal_new_auth();
* Create a unix style authenticator.
* Returns an auth handle with the given stuff in it.
authunix_create(machname
, uid
, gid
, len
, aup_gids
)
struct authunix_parms aup
;
char mymem
[MAX_AUTH_BYTES
];
register struct audata
*au
;
* Allocate and set up auth handle
auth
= (AUTH
*)mem_alloc(sizeof(*auth
));
(void)fprintf(stderr
, "authunix_create: out of memory\n");
au
= (struct audata
*)mem_alloc(sizeof(*au
));
(void)fprintf(stderr
, "authunix_create: out of memory\n");
auth
->ah_ops
= &auth_unix_ops
;
auth
->ah_private
= (caddr_t
)au
;
auth
->ah_verf
= au
->au_shcred
= _null_auth
;
* fill in param struct from the given params
(void)gettimeofday(&now
, (struct timezone
*)0);
aup
.aup_time
= now
.tv_sec
;
aup
.aup_machname
= machname
;
aup
.aup_len
= (u_int
)len
;
* Serialize the parameters into origcred
xdrmem_create(&xdrs
, mymem
, MAX_AUTH_BYTES
, XDR_ENCODE
);
if (! xdr_authunix_parms(&xdrs
, &aup
))
au
->au_origcred
.oa_length
= len
= XDR_GETPOS(&xdrs
);
au
->au_origcred
.oa_flavor
= AUTH_UNIX
;
au
->au_origcred
.oa_base
= mem_alloc((u_int
) len
);
if ((au
->au_origcred
.oa_base
= mem_alloc((u_int
) len
)) == NULL
) {
(void)fprintf(stderr
, "authunix_create: out of memory\n");
bcopy(mymem
, au
->au_origcred
.oa_base
, (u_int
)len
);
* set auth handle to reflect new cred.
auth
->ah_cred
= au
->au_origcred
;
* Returns an auth handle with parameters determined by doing lots of
authunix_create_default()
char machname
[MAX_MACHINE_NAME
+ 1];
if (gethostname(machname
, MAX_MACHINE_NAME
) == -1)
machname
[MAX_MACHINE_NAME
] = 0;
if ((len
= getgroups(NGRPS
, gids
)) < 0)
return (authunix_create(machname
, uid
, gid
, len
, gids
));
/* no action necessary */
authunix_marshal(auth
, xdrs
)
register struct audata
*au
= AUTH_PRIVATE(auth
);
return (XDR_PUTBYTES(xdrs
, au
->au_marshed
, au
->au_mpos
));
authunix_validate(auth
, verf
)
register struct audata
*au
;
if (verf
.oa_flavor
== AUTH_SHORT
) {
xdrmem_create(&xdrs
, verf
.oa_base
, verf
.oa_length
, XDR_DECODE
);
if (au
->au_shcred
.oa_base
!= NULL
) {
mem_free(au
->au_shcred
.oa_base
,
au
->au_shcred
.oa_length
);
au
->au_shcred
.oa_base
= NULL
;
if (xdr_opaque_auth(&xdrs
, &au
->au_shcred
)) {
auth
->ah_cred
= au
->au_shcred
;
(void)xdr_opaque_auth(&xdrs
, &au
->au_shcred
);
au
->au_shcred
.oa_base
= NULL
;
auth
->ah_cred
= au
->au_origcred
;
register struct audata
*au
= AUTH_PRIVATE(auth
);
struct authunix_parms aup
;
if (auth
->ah_cred
.oa_base
== au
->au_origcred
.oa_base
) {
/* there is no hope. Punt */
/* first deserialize the creds back into a struct authunix_parms */
aup
.aup_gids
= (int *)NULL
;
xdrmem_create(&xdrs
, au
->au_origcred
.oa_base
,
au
->au_origcred
.oa_length
, XDR_DECODE
);
stat
= xdr_authunix_parms(&xdrs
, &aup
);
/* update the time and serialize in place */
(void)gettimeofday(&now
, (struct timezone
*)0);
aup
.aup_time
= now
.tv_sec
;
stat
= xdr_authunix_parms(&xdrs
, &aup
);
auth
->ah_cred
= au
->au_origcred
;
/* free the struct authunix_parms created by deserializing */
(void)xdr_authunix_parms(&xdrs
, &aup
);
register struct audata
*au
= AUTH_PRIVATE(auth
);
mem_free(au
->au_origcred
.oa_base
, au
->au_origcred
.oa_length
);
if (au
->au_shcred
.oa_base
!= NULL
)
mem_free(au
->au_shcred
.oa_base
, au
->au_shcred
.oa_length
);
mem_free(auth
->ah_private
, sizeof(struct audata
));
if (auth
->ah_verf
.oa_base
!= NULL
)
mem_free(auth
->ah_verf
.oa_base
, auth
->ah_verf
.oa_length
);
mem_free((caddr_t
)auth
, sizeof(*auth
));
* Marshals (pre-serializes) an auth struct.
* sets private data, au_marshed and au_mpos
register XDR
*xdrs
= &xdr_stream
;
register struct audata
*au
= AUTH_PRIVATE(auth
);
xdrmem_create(xdrs
, au
->au_marshed
, MAX_AUTH_BYTES
, XDR_ENCODE
);
if ((! xdr_opaque_auth(xdrs
, &(auth
->ah_cred
))) ||
(! xdr_opaque_auth(xdrs
, &(auth
->ah_verf
)))) {
perror("auth_none.c - Fatal marshalling problem");
au
->au_mpos
= XDR_GETPOS(xdrs
);