ReactOS  0.4.13-dev-73-gcfe54aa
svc_auth.c
Go to the documentation of this file.
1 
2 /*
3  * Copyright (c) 2009, Sun Microsystems, Inc.
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions are met:
8  * - Redistributions of source code must retain the above copyright notice,
9  * this list of conditions and the following disclaimer.
10  * - Redistributions in binary form must reproduce the above copyright notice,
11  * this list of conditions and the following disclaimer in the documentation
12  * and/or other materials provided with the distribution.
13  * - Neither the name of Sun Microsystems, Inc. nor the names of its
14  * contributors may be used to endorse or promote products derived
15  * from this software without specific prior written permission.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27  * POSSIBILITY OF SUCH DAMAGE.
28  */
29 /*
30  * Copyright (c) 1986-1991 by Sun Microsystems Inc.
31  */
32 
33 /*
34  * svc_auth.c, Server-side rpc authenticator interface.
35  *
36  */
37 #include <wintirpc.h>
38 //#include <pthread.h>
39 #include <reentrant.h>
40 #include <sys/types.h>
41 #include <rpc/rpc.h>
42 #include <stdlib.h>
43 
44 /*
45  * svcauthsw is the bdevsw of server side authentication.
46  *
47  * Server side authenticators are called from authenticate by
48  * using the client auth struct flavor field to index into svcauthsw.
49  * The server auth flavors must implement a routine that looks
50  * like:
51  *
52  * enum auth_stat
53  * flavorx_auth(rqst, msg)
54  * struct svc_req *rqst;
55  * struct rpc_msg *msg;
56  *
57  */
58 
59 /* declarations to allow servers to specify new authentication flavors */
60 struct authsvc {
61  int flavor;
62  enum auth_stat (*handler)(struct svc_req *, struct rpc_msg *);
63  struct authsvc *next;
64 };
65 static struct authsvc *Auths = NULL;
66 
67 /*
68  * The call rpc message, msg has been obtained from the wire. The msg contains
69  * the raw form of credentials and verifiers. authenticate returns AUTH_OK
70  * if the msg is successfully authenticated. If AUTH_OK then the routine also
71  * does the following things:
72  * set rqst->rq_xprt->verf to the appropriate response verifier;
73  * sets rqst->rq_client_cred to the "cooked" form of the credentials.
74  *
75  * NB: rqst->rq_cxprt->verf must be pre-alloctaed;
76  * its length is set appropriately.
77  *
78  * The caller still owns and is responsible for msg->u.cmb.cred and
79  * msg->u.cmb.verf. The authentication system retains ownership of
80  * rqst->rq_client_cred, the cooked credentials.
81  *
82  * There is an assumption that any flavour less than AUTH_NULL is
83  * invalid.
84  */
85 enum auth_stat
87  struct svc_req *rqst;
88  struct rpc_msg *msg;
89 {
90  int cred_flavor;
91  struct authsvc *asp;
92  enum auth_stat dummy;
93  extern mutex_t authsvc_lock;
94 
95 /* VARIABLES PROTECTED BY authsvc_lock: asp, Auths */
96 
97  rqst->rq_cred = msg->rm_call.cb_cred;
98  rqst->rq_xprt->xp_verf.oa_flavor = _null_auth.oa_flavor;
99  rqst->rq_xprt->xp_verf.oa_length = 0;
100  cred_flavor = rqst->rq_cred.oa_flavor;
101  switch (cred_flavor) {
102  case AUTH_NULL:
103  dummy = _svcauth_null(rqst, msg);
104  return (dummy);
105  case AUTH_SYS:
106  dummy = _svcauth_unix(rqst, msg);
107  return (dummy);
108  case AUTH_SHORT:
109  dummy = _svcauth_short(rqst, msg);
110  return (dummy);
111 #ifdef DES_BUILTIN
112  case AUTH_DES:
113  dummy = _svcauth_des(rqst, msg);
114  return (dummy);
115 #endif
116  default:
117  break;
118  }
119 
120  /* flavor doesn't match any of the builtin types, so try new ones */
122  for (asp = Auths; asp; asp = asp->next) {
123  if (asp->flavor == cred_flavor) {
124  enum auth_stat as;
125 
126  as = (*asp->handler)(rqst, msg);
128  return (as);
129  }
130  }
132 
133  return (AUTH_REJECTEDCRED);
134 }
135 
136 /*ARGSUSED*/
137 enum auth_stat
139  struct svc_req *rqst;
140  struct rpc_msg *msg;
141 {
142  return (AUTH_OK);
143 }
144 
145 /*
146  * Allow the rpc service to register new authentication types that it is
147  * prepared to handle. When an authentication flavor is registered,
148  * the flavor is checked against already registered values. If not
149  * registered, then a new Auths entry is added on the list.
150  *
151  * There is no provision to delete a registration once registered.
152  *
153  * This routine returns:
154  * 0 if registration successful
155  * 1 if flavor already registered
156  * -1 if can't register (errno set)
157  */
158 
159 int
160 svc_auth_reg(cred_flavor, handler)
161  int cred_flavor;
162  enum auth_stat (*handler)(struct svc_req *, struct rpc_msg *);
163 {
164  struct authsvc *asp;
165  extern mutex_t authsvc_lock;
166 
167  switch (cred_flavor) {
168  case AUTH_NULL:
169  case AUTH_SYS:
170  case AUTH_SHORT:
171 #ifdef DES_BUILTIN
172  case AUTH_DES:
173 #endif
174  /* already registered */
175  return (1);
176 
177  default:
179  for (asp = Auths; asp; asp = asp->next) {
180  if (asp->flavor == cred_flavor) {
181  /* already registered */
183  return (1);
184  }
185  }
186 
187  /* this is a new one, so go ahead and register it */
188  asp = mem_alloc(sizeof (*asp));
189  if (asp == NULL) {
191  return (-1);
192  }
193  asp->flavor = cred_flavor;
194  asp->handler = handler;
195  asp->next = Auths;
196  Auths = asp;
198  break;
199  }
200  return (0);
201 }
struct authsvc * next
Definition: svc_auth.c:63
static struct authsvc * Auths
Definition: svc_auth.c:65
enum auth_stat(* handler)(struct svc_req *, struct rpc_msg *)
Definition: svc_auth.c:62
enum auth_stat _svcauth_unix(struct svc_req *rqst, struct rpc_msg *msg)
Definition: svc_auth_unix.c:51
#define mutex_lock(m)
Definition: reentrant.h:128
SVCXPRT * rq_xprt
Definition: svc.h:139
#define mutex_unlock(m)
Definition: reentrant.h:129
#define mem_alloc(bsize)
Definition: types.h:123
struct opaque_auth _null_auth
auth_stat
Definition: auth.h:144
Definition: auth.h:145
struct opaque_auth rq_cred
Definition: svc.h:137
smooth NULL
Definition: ftsmooth.c:416
mutex_t authsvc_lock
Definition: mt_misc.c:47
enum auth_stat _svcauth_null(struct svc_req *rqst, struct rpc_msg *msg)
Definition: svc_auth.c:138
int svc_auth_reg(int cred_flavor, enum auth_stat *handler)
Definition: svc_auth.c:160
#define AUTH_NULL
Definition: auth.h:402
enum auth_stat _authenticate(struct svc_req *rqst, struct rpc_msg *msg)
Definition: svc_auth.c:86
#define AUTH_SYS
Definition: auth.h:403
unsigned char dummy
Definition: maze.c:118
enum auth_stat _svcauth_short(struct svc_req *rqst, struct rpc_msg *msg)
Definition: svc.h:132
#define AUTH_DES
Definition: auth.h:407
#define msg(x)
Definition: auth_time.c:54
struct opaque_auth xp_verf
Definition: svc.h:121
enum auth_stat _svcauth_des(struct svc_req *rqst, struct rpc_msg *msg)
Definition: svc_auth_des.c:106
#define AUTH_SHORT
Definition: auth.h:405
UINT(* handler)(MSIPACKAGE *)
Definition: action.c:7786
Definition: module.h:446
int flavor
Definition: svc_auth.c:61