Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/sys/rpc/svc_auth.c
39475 views
1
/*	$NetBSD: svc_auth.c,v 1.12 2000/07/06 03:10:35 christos Exp $	*/

2


3
/*-

4
 * SPDX-License-Identifier: BSD-3-Clause

5
 *

6
 * Copyright (c) 2009, Sun Microsystems, Inc.

7
 * All rights reserved.

8
 *

9
 * Redistribution and use in source and binary forms, with or without 

10
 * modification, are permitted provided that the following conditions are met:

11
 * - Redistributions of source code must retain the above copyright notice, 

12
 *   this list of conditions and the following disclaimer.

13
 * - Redistributions in binary form must reproduce the above copyright notice, 

14
 *   this list of conditions and the following disclaimer in the documentation 

15
 *   and/or other materials provided with the distribution.

16
 * - Neither the name of Sun Microsystems, Inc. nor the names of its 

17
 *   contributors may be used to endorse or promote products derived 

18
 *   from this software without specific prior written permission.

19
 * 

20
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 

21
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 

22
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 

23
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 

24
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 

25
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 

26
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 

27
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 

28
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 

29
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 

30
 * POSSIBILITY OF SUCH DAMAGE.

31
 */

32
/*

33
 * Copyright (c) 1986-1991 by Sun Microsystems Inc. 

34
 */

35


36
/*

37
 * svc_auth.c, Server-side rpc authenticator interface.

38
 *

39
 */

40


41
#include <sys/param.h>

42
#include <sys/conf.h>

43
#include <sys/lock.h>

44
#include <sys/mutex.h>

45
#include <sys/proc.h>

46
#include <sys/systm.h>

47
#include <sys/jail.h>

48
#include <sys/ucred.h>

49


50
#include <rpc/rpc.h>

51
#include <rpc/rpcsec_tls.h>

52


53
static enum auth_stat (*_svcauth_rpcsec_gss)(struct svc_req *,

54
    struct rpc_msg *) = NULL;

55
static int (*_svcauth_rpcsec_gss_getcred)(struct svc_req *,

56
    struct ucred **, int *);

57


58
static const struct svc_auth_ops svc_auth_null_ops;

59


60
/*

61
 * The call rpc message, msg has been obtained from the wire.  The msg contains

62
 * the raw form of credentials and verifiers.  authenticate returns AUTH_OK

63
 * if the msg is successfully authenticated.  If AUTH_OK then the routine also

64
 * does the following things:

65
 * set rqst->rq_xprt->verf to the appropriate response verifier;

66
 * sets rqst->rq_client_cred to the "cooked" form of the credentials.

67
 *

68
 * NB: rqst->rq_cxprt->verf must be pre-allocated;

69
 * its length is set appropriately.

70
 *

71
 * The caller still owns and is responsible for msg->u.cmb.cred and

72
 * msg->u.cmb.verf.  The authentication system retains ownership of

73
 * rqst->rq_client_cred, the cooked credentials.

74
 *

75
 * There is an assumption that any flavour less than AUTH_NULL is

76
 * invalid.

77
 */

78
enum auth_stat

79
_authenticate(struct svc_req *rqst, struct rpc_msg *msg)

80
{

81
	int cred_flavor;

82
	enum auth_stat dummy;

83


84
	rqst->rq_cred = msg->rm_call.cb_cred;

85
	rqst->rq_auth.svc_ah_ops = &svc_auth_null_ops;

86
	rqst->rq_auth.svc_ah_private = NULL;

87
	cred_flavor = rqst->rq_cred.oa_flavor;

88
	switch (cred_flavor) {

89
	case AUTH_NULL:

90
		dummy = _svcauth_null(rqst, msg);

91
		return (dummy);

92
	case AUTH_SYS:

93
		if ((rqst->rq_xprt->xp_tls & RPCTLS_FLAGS_DISABLED) != 0)

94
			return (AUTH_REJECTEDCRED);

95
		dummy = _svcauth_unix(rqst, msg);

96
		return (dummy);

97
	case AUTH_SHORT:

98
		if ((rqst->rq_xprt->xp_tls & RPCTLS_FLAGS_DISABLED) != 0)

99
			return (AUTH_REJECTEDCRED);

100
		dummy = _svcauth_short(rqst, msg);

101
		return (dummy);

102
	case RPCSEC_GSS:

103
		if ((rqst->rq_xprt->xp_tls & RPCTLS_FLAGS_DISABLED) != 0)

104
			return (AUTH_REJECTEDCRED);

105
		if (!_svcauth_rpcsec_gss)

106
			return (AUTH_REJECTEDCRED);

107
		dummy = _svcauth_rpcsec_gss(rqst, msg);

108
		return (dummy);

109
	case AUTH_TLS:

110
		dummy = _svcauth_rpcsec_tls(rqst, msg);

111
		return (dummy);

112
	default:

113
		break;

114
	}

115


116
	return (AUTH_REJECTEDCRED);

117
}

118


119
/*

120
 * A set of null auth methods used by any authentication protocols

121
 * that don't need to inspect or modify the message body.

122
 */

123
static bool_t

124
svcauth_null_wrap(SVCAUTH *auth, struct mbuf **mp)

125
{

126


127
	return (TRUE);

128
}

129


130
static bool_t

131
svcauth_null_unwrap(SVCAUTH *auth, struct mbuf **mp)

132
{

133


134
	return (TRUE);

135
}

136


137
static void

138
svcauth_null_release(SVCAUTH *auth)

139
{

140


141
}

142


143
static const struct svc_auth_ops svc_auth_null_ops = {

144
	.svc_ah_wrap = svcauth_null_wrap,

145
	.svc_ah_unwrap = svcauth_null_unwrap,

146
	.svc_ah_release = svcauth_null_release,

147
};

148


149
/*ARGSUSED*/

150
enum auth_stat

151
_svcauth_null(struct svc_req *rqst, struct rpc_msg *msg)

152
{

153


154
	rqst->rq_verf = _null_auth;

155
	return (AUTH_OK);

156
}

157


158
int

159
svc_auth_reg(int flavor,

160
    enum auth_stat (*svcauth)(struct svc_req *, struct rpc_msg *),

161
    int (*getcred)(struct svc_req *, struct ucred **, int *))

162
{

163


164
	if (flavor == RPCSEC_GSS) {

165
		_svcauth_rpcsec_gss = svcauth;

166
		_svcauth_rpcsec_gss_getcred = getcred;

167
	}

168
	return (TRUE);

169
}

170


171
int

172
svc_getcred(struct svc_req *rqst, struct ucred **crp, int *flavorp)

173
{

174
	struct ucred *cr = NULL;

175
	int flavor;

176
	struct xucred *xcr;

177
	SVCXPRT *xprt = rqst->rq_xprt;

178


179
	flavor = rqst->rq_cred.oa_flavor;

180
	if (flavorp)

181
		*flavorp = flavor;

182


183
	/*

184
	 * If there are credentials acquired via a TLS

185
	 * certificate for this TCP connection, use those

186
	 * instead of what is in the RPC header.

187
	 */

188
	if ((xprt->xp_tls & (RPCTLS_FLAGS_CERTUSER |

189
	    RPCTLS_FLAGS_DISABLED)) == RPCTLS_FLAGS_CERTUSER &&

190
	    flavor == AUTH_UNIX) {

191
		if (xprt->xp_ngrps <= 0)

192
			return (FALSE);

193
		cr = crget();

194
		cr->cr_uid = cr->cr_ruid = cr->cr_svuid = xprt->xp_uid;

195
		crsetgroups_and_egid(cr, xprt->xp_ngrps, xprt->xp_gidp, GID_NOGROUP);

196
		cr->cr_rgid = cr->cr_svgid = cr->cr_gid;

197
		cr->cr_prison = curthread->td_ucred->cr_prison;

198
		prison_hold(cr->cr_prison);

199
		*crp = cr;

200
		return (TRUE);

201
	}

202


203
	switch (flavor) {

204
	case AUTH_UNIX:

205
		xcr = (struct xucred *) rqst->rq_clntcred;

206
		if (xcr->cr_ngroups <= 0)

207
			return (FALSE);

208
		cr = crget();

209
		cr->cr_uid = cr->cr_ruid = cr->cr_svuid = xcr->cr_uid;

210
		crsetgroups_and_egid(cr, xcr->cr_ngroups, xcr->cr_groups, GID_NOGROUP);

211
		cr->cr_rgid = cr->cr_svgid = cr->cr_gid;

212
		cr->cr_prison = curthread->td_ucred->cr_prison;

213
		prison_hold(cr->cr_prison);

214
		*crp = cr;

215
		return (TRUE);

216


217
	case RPCSEC_GSS:

218
		if (!_svcauth_rpcsec_gss_getcred)

219
			return (FALSE);

220
		return (_svcauth_rpcsec_gss_getcred(rqst, crp, flavorp));

221


222
	default:

223
		return (FALSE);

224
	}

225
}

226


227


228