-: 0:Source:svc_auth.c -: 0:Graph:/var/tsitkova/Sources/v10/trunk/src/lib/rpc/svc_auth.so.gcno -: 0:Data:/var/tsitkova/Sources/v10/trunk/src/lib/rpc/svc_auth.so.gcda -: 0:Runs:959 -: 0:Programs:1 -: 1:/* lib/rpc/svc_auth.c */ -: 2:/* -: 3: * Copyright (c) 2010, Oracle America, Inc. -: 4: * -: 5: * All rights reserved. -: 6: * -: 7: * Redistribution and use in source and binary forms, with or without -: 8: * modification, are permitted provided that the following conditions are met: -: 9: * -: 10: * * Redistributions of source code must retain the above copyright -: 11: * notice, this list of conditions and the following disclaimer. -: 12: * -: 13: * * Redistributions in binary form must reproduce the above copyright -: 14: * notice, this list of conditions and the following disclaimer in -: 15: * the documentation and/or other materials provided with the -: 16: * distribution. -: 17: * -: 18: * * Neither the name of the "Oracle America, Inc." nor the names of -: 19: * its contributors may be used to endorse or promote products -: 20: * derived from this software without specific prior written permission. -: 21: * -: 22: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS -: 23: * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED -: 24: * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A -: 25: * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -: 26: * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -: 27: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED -: 28: * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR -: 29: * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF -: 30: * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -: 31: * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -: 32: * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -: 33: */ -: 34: -: 35:/* -: 36: * svc_auth_nodes.c, Server-side rpc authenticator interface, -: 37: * *WITHOUT* DES authentication. -: 38: */ -: 39: -: 40:#include -: 41: -: 42:/* -: 43: * Server side authenticators are called from authenticate by -: 44: * using the client auth struct flavor field to index into svcauthsw. -: 45: * The server auth flavors must implement a routine that looks -: 46: * like: -: 47: * -: 48: * enum auth_stat -: 49: * flavorx_auth(rqst, msg) -: 50: * register struct svc_req *rqst; -: 51: * register struct rpc_msg *msg; -: 52: * -: 53: */ -: 54: -: 55:static struct svcauthsw_type { -: 56: enum_t flavor; -: 57: enum auth_stat (*authenticator)(struct svc_req *, struct rpc_msg *, -: 58: bool_t *); -: 59:} svcauthsw[] = { -: 60: {AUTH_GSSAPI, gssrpc__svcauth_gssapi}, /* AUTH_GSSAPI */ -: 61: {AUTH_NONE, gssrpc__svcauth_none}, /* AUTH_NONE */ -: 62:#if 0 -: 63: {AUTH_GSSAPI_COMPAT, gssrpc__svcauth_gssapi}, /* AUTH_GSSAPI_COMPAT */ -: 64:#endif -: 65: {AUTH_UNIX, gssrpc__svcauth_unix}, /* AUTH_UNIX */ -: 66: {AUTH_SHORT, gssrpc__svcauth_short}, /* AUTH_SHORT */ -: 67: {RPCSEC_GSS, gssrpc__svcauth_gss} /* RPCSEC_GSS */ -: 68:}; -: 69:static int svcauthnum = sizeof(svcauthsw) / sizeof(struct svcauthsw_type); -: 70: -: 71:/* -: 72: * The call rpc message, msg has been obtained from the wire. The msg contains -: 73: * the raw form of credentials and verifiers. authenticate returns AUTH_OK -: 74: * if the msg is successfully authenticated. If AUTH_OK then the routine also -: 75: * does the following things: -: 76: * set rqst->rq_xprt->verf to the appropriate response verifier; -: 77: * sets rqst->rq_client_cred to the "cooked" form of the credentials. -: 78: * -: 79: * NB: rqst->rq_cxprt->verf must be pre-alloctaed; -: 80: * its length is set appropriately. -: 81: * -: 82: * The caller still owns and is responsible for msg->u.cmb.cred and -: 83: * msg->u.cmb.verf. The authentication system retains ownership of -: 84: * rqst->rq_client_cred, the cooked credentials. -: 85: */ -: 86:enum auth_stat 24: 87:gssrpc__authenticate( -: 88: register struct svc_req *rqst, -: 89: struct rpc_msg *msg, -: 90: bool_t *no_dispatch) -: 91:{ -: 92: register int cred_flavor, i; -: 93: 24: 94: rqst->rq_cred = msg->rm_call.cb_cred; 24: 95: rqst->rq_xprt->xp_verf.oa_flavor = gssrpc__null_auth.oa_flavor; 24: 96: rqst->rq_xprt->xp_verf.oa_length = 0; 24: 97: cred_flavor = rqst->rq_cred.oa_flavor; 24: 98: *no_dispatch = FALSE; 120: 99: for (i = 0; i < svcauthnum; i++) { 144: 100: if (cred_flavor == svcauthsw[i].flavor && 24: 101: svcauthsw[i].authenticator != NULL) { 24: 102: return ((*(svcauthsw[i].authenticator))(rqst, -: 103: msg, -: 104: no_dispatch)); -: 105: } -: 106: } -: 107: #####: 108: return (AUTH_REJECTEDCRED); -: 109:}