rpc.subproj/svc_auth.c

   1 /*
   2  * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * Copyright (c) 1999-2003 Apple Computer, Inc.  All Rights Reserved.
   7  *
   8  * This file contains Original Code and/or Modifications of Original Code
   9  * as defined in and that are subject to the Apple Public Source License
  10  * Version 2.0 (the 'License'). You may not use this file except in
  11  * compliance with the License. Please obtain a copy of the License at
  12  * http://www.opensource.apple.com/apsl/ and read it before using this
  13  * file.
  14  *
  15  * The Original Code and all software distributed under the License are
  16  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  17  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  18  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  19  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  20  * Please see the License for the specific language governing rights and
  21  * limitations under the License.
  22  *
  23  * @APPLE_LICENSE_HEADER_END@
  24  */
  25 /*
  26  * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
  27  * unrestricted use provided that this legend is included on all tape
  28  * media and as a part of the software program in whole or part.  Users
  29  * may copy or modify Sun RPC without charge, but are not authorized
  30  * to license or distribute it to anyone else except as part of a product or
  31  * program developed by the user.
  32  *
  33  * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
  34  * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
  35  * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
  36  *
  37  * Sun RPC is provided with no support and without any obligation on the
  38  * part of Sun Microsystems, Inc. to assist in its use, correction,
  39  * modification or enhancement.
  40  *
  41  * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
  42  * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
  43  * OR ANY PART THEREOF.
  44  *
  45  * In no event will Sun Microsystems, Inc. be liable for any lost revenue
  46  * or profits or other special, indirect and consequential damages, even if
  47  * Sun has been advised of the possibility of such damages.
  48  *
  49  * Sun Microsystems, Inc.
  50  * 2550 Garcia Avenue
  51  * Mountain View, California  94043
  52  */
  53
  54 #if defined(LIBC_SCCS) && !defined(lint)
  55 /*static char *sccsid = "from: @(#)svc_auth.c 1.19 87/08/11 Copyr 1984 Sun Micro";*/
  56 /*static char *sccsid = "from: @(#)svc_auth.c   2.1 88/08/07 4.0 RPCSRC";*/
  57 static char *rcsid = "$Id: svc_auth.c,v 1.3 2002/02/19 20:36:25 epeyton Exp $";
  58 #endif
  59
  60 /*
  61  * svc_auth_nodes.c, Server-side rpc authenticator interface,
  62  * *WITHOUT* DES authentication.
  63  *
  64  * Copyright (C) 1984, Sun Microsystems, Inc.
  65  */
  66
  67 #include <rpc/rpc.h>
  68
  69 /*
  70  * svcauthsw is the bdevsw of server side authentication.
  71  *
  72  * Server side authenticators are called from authenticate by
  73  * using the client auth struct flavor field to index into svcauthsw.
  74  * The server auth flavors must implement a routine that looks
  75  * like:
  76  *
  77  *      enum auth_stat
  78  *      flavorx_auth(rqst, msg)
  79  *              register struct svc_req *rqst;
  80  *              register struct rpc_msg *msg;
  81  *
  82  */
  83
  84 enum auth_stat _svcauth_null();         /* no authentication */
  85 enum auth_stat _svcauth_unix();         /* unix style (uid, gids) */
  86 enum auth_stat _svcauth_short();        /* short hand unix style */
  87
  88 static struct {
  89         enum auth_stat (*authenticator)();
  90 } svcauthsw[] = {
  91         { _svcauth_null },              /* AUTH_NULL */
  92         { _svcauth_unix },              /* AUTH_UNIX */
  93         { _svcauth_short },             /* AUTH_SHORT */
  94 };
  95 #define AUTH_MAX        2               /* HIGHEST AUTH NUMBER */
  96
  97
  98 /*
  99  * The call rpc message, msg has been obtained from the wire.  The msg contains
 100  * the raw form of credentials and verifiers.  authenticate returns AUTH_OK
 101  * if the msg is successfully authenticated.  If AUTH_OK then the routine also
 102  * does the following things:
 103  * set rqst->rq_xprt->verf to the appropriate response verifier;
 104  * sets rqst->rq_client_cred to the "cooked" form of the credentials.
 105  *
 106  * NB: rqst->rq_cxprt->verf must be pre-alloctaed;
 107  * its length is set appropriately.
 108  *
 109  * The caller still owns and is responsible for msg->u.cmb.cred and
 110  * msg->u.cmb.verf.  The authentication system retains ownership of
 111  * rqst->rq_client_cred, the cooked credentials.
 112  *
 113  * There is an assumption that any flavour less than AUTH_NULL is
 114  * invalid.
 115  */
 116 enum auth_stat
 117 _authenticate(rqst, msg)
 118         register struct svc_req *rqst;
 119         struct rpc_msg *msg;
 120 {
 121         register int cred_flavor;
 122
 123         rqst->rq_cred = msg->rm_call.cb_cred;
 124         rqst->rq_xprt->xp_verf.oa_flavor = _null_auth.oa_flavor;
 125         rqst->rq_xprt->xp_verf.oa_length = 0;
 126         cred_flavor = rqst->rq_cred.oa_flavor;
 127         if ((cred_flavor <= AUTH_MAX) && (cred_flavor >= AUTH_NULL)) {
 128                 return ((*(svcauthsw[cred_flavor].authenticator))(rqst, msg));
 129         }
 130
 131         return (AUTH_REJECTEDCRED);
 132 }
 133
 134 enum auth_stat
 135 _svcauth_null(/*rqst, msg*/)
 136         /*struct svc_req *rqst;
 137         struct rpc_msg *msg;*/
 138 {
 139
 140         return (AUTH_OK);
 141 }