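/* $NetBSD: authunix_prot.c,v 1.12 2000/01/22 22:19:17 mycroft Exp $ */

/*-
 * SPDX-License-Identifier: BSD-3-Clause
 *
 * Copyright (c) 2009, Sun Microsystems, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 * - Redistributions of source code must retain the above copyright notice,
 *   this list of conditions and the following disclaimer.
 * - Redistributions in binary form must reproduce the above copyright notice,
 *   this list of conditions and the following disclaimer in the documentation
 *   and/or other materials provided with the distribution.
 * - Neither the name of Sun Microsystems, Inc. nor the names of its
 *   contributors may be used to endorse or promote products derived
 *   from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#include <sys/cdefs.h>
/*
 * authunix_prot.c
 * XDR for UNIX style authentication parameters for RPC
 *
 * Copyright (C) 1984, Sun Microsystems, Inc.
 */

#include <sys/param.h>
#include <sys/jail.h>
#include <sys/kernel.h>
#include <sys/systm.h>
#include <sys/ucred.h>

#include <rpc/types.h>
#include <rpc/xdr.h>
#include <rpc/auth.h>

#include <rpc/rpc_com.h>

/* gids compose part of a credential; there may not be more than 16 of them */
#define NGRPS 16

/*
 * XDR for unix authentication parameters.
 *
 * Encodes or decodes, in wire order: the timestamp, the host name (length
 * then bytes), the uid, the gid, and the counted list of supplementary gids.
 *
 * xdrs: stream to operate on; xdrs->x_op selects the direction.
 * time: timestamp word, read on encode and written on decode.
 * cred: credential; uid, gid and groups are read on encode and written on
 *	 decode.  cr_groups[0] is the egid slot, so supplementary gids live in
 *	 cr_groups[1..] and cr_ngroups counts that slot too.
 *
 * Returns TRUE on success, FALSE if any XDR primitive fails or a length field
 * is out of range.  On decode every length comes from the peer and is
 * untrusted, so each one is validated before it moves the stream position or
 * indexes cred->cr_groups[].
 */
bool_t
xdr_authunix_parms(XDR *xdrs, uint32_t *time, struct xucred *cred)
{
	uint32_t namelen;
	uint32_t ngroups, i;
	uint32_t junk;
	char hostbuf[MAXHOSTNAMELEN];

	/*
	 * This routine allocates nothing, so a free pass has no work to do.
	 * Returning here also keeps 'ngroups', which only the encode and
	 * decode paths assign, from being read uninitialized.
	 */
	if (xdrs->x_op == XDR_FREE)
		return (TRUE);

	if (xdrs->x_op == XDR_ENCODE) {
		/*
		 * cr_ngroups includes the egid slot.  A value below 1 would
		 * make the unsigned 'cr_ngroups - 1' further down wrap to a
		 * huge count, so refuse to encode such a credential.
		 */
		if (cred->cr_ngroups < 1)
			return (FALSE);

		/*
		 * Restrict name length to 255 according to RFC 1057.
		 */
		getcredhostname(NULL, hostbuf, sizeof(hostbuf));
		namelen = strlen(hostbuf);
		if (namelen > 255)
			namelen = 255;
	} else {
		namelen = 0;
	}
	junk = 0;
	ngroups = 0;

	if (!xdr_uint32_t(xdrs, time)
	    || !xdr_uint32_t(xdrs, &namelen))
		return (FALSE);

	/*
	 * Ignore the hostname on decode.
	 */
	if (xdrs->x_op == XDR_ENCODE) {
		if (!xdr_opaque(xdrs, hostbuf, namelen))
			return (FALSE);
	} else {
		/*
		 * The length was just read from the peer.  Apply the same
		 * 255-byte limit used on encode before letting it drive the
		 * stream position, and do not continue if the skip fails:
		 * every later field would be read from the wrong offset.
		 */
		if (namelen > 255)
			return (FALSE);
		if (!xdr_setpos(xdrs, xdr_getpos(xdrs) + RNDUP(namelen)))
			return (FALSE);
	}

	if (!xdr_uint32_t(xdrs, &cred->cr_uid))
		return (FALSE);
	if (!xdr_uint32_t(xdrs, &cred->cr_gid))
		return (FALSE);

	if (xdrs->x_op == XDR_ENCODE) {
		/*
		 * Note that this is a `struct xucred`, which maintains its
		 * historical layout of preserving the egid in cr_ngroups and
		 * cr_groups[0] == egid.
		 */
		ngroups = cred->cr_ngroups - 1;
		if (ngroups > NGRPS)
			ngroups = NGRPS;
		/* Never read past the last supplementary slot of the array. */
		if (ngroups > nitems(cred->cr_groups) - 1)
			ngroups = nitems(cred->cr_groups) - 1;
	}

	if (!xdr_uint32_t(xdrs, &ngroups))
		return (FALSE);

	/*
	 * On decode the count is attacker-controlled.  Reject anything above
	 * the protocol limit instead of looping over it.
	 */
	if (xdrs->x_op == XDR_DECODE && ngroups > NGRPS)
		return (FALSE);

	for (i = 0; i < ngroups; i++) {
		/*
		 * Bound the index by the destination array itself.  The
		 * previous bound, ngroups_max, is a kernel-wide limit and is
		 * not derived from the size of cr_groups[] in struct xucred
		 * (NOTE(review): confirm against XU_NGROUPS in sys/ucred.h).
		 * Entries that do not fit are consumed into 'junk'.
		 */
		if (i + 1 < nitems(cred->cr_groups)) {
			if (!xdr_uint32_t(xdrs, &cred->cr_groups[i + 1]))
				return (FALSE);
		} else {
			if (!xdr_uint32_t(xdrs, &junk))
				return (FALSE);
		}
	}

	if (xdrs->x_op == XDR_DECODE) {
		/* Report only as many groups as were actually stored. */
		if (ngroups + 1 > nitems(cred->cr_groups))
			cred->cr_ngroups = nitems(cred->cr_groups);
		else
			cred->cr_ngroups = ngroups + 1;
	}

	return (TRUE);
}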