extern rwlock_t svc_lock;
extern rwlock_t svc_fd_lock;
-#ifdef HAVE_LIBGSSAPI
-extern struct svc_auth_ops svc_auth_gss_ops;
-#endif
static struct svc_callout *svc_find (rpcprog_t, rpcvers_t,
struct svc_callout **, char *);
SVC_DESTROY (xprt);
break;
}
- else if ((xprt->xp_auth != NULL)
-#ifdef HAVE_LIBGSSAPI
- && (xprt->xp_auth->svc_ah_ops != &svc_auth_gss_ops)
-#endif
- ) {
+ else if ((xprt->xp_auth != NULL) &&
+ (xprt->xp_auth->svc_ah_private == NULL))
+ {
xprt->xp_auth = NULL;
}
}
#include <rpc/rpc.h>
+extern SVCAUTH svc_auth_none;
+
/*
* Unix longhand authenticator
*/
assert(rqst != NULL);
assert(msg != NULL);
+ rqst->rq_xprt->xp_auth = &svc_auth_none;
+
area = (struct area *) rqst->rq_clntcred;
aup = &area->area_aup;
aup->aup_machname = area->area_machname;
struct svc_req *rqst;
struct rpc_msg *msg;
{
+ rqst->rq_xprt->xp_auth = &svc_auth_none;
return (AUTH_REJECTEDCRED);
}
su->su_cache = NULL;
xprt->xp_fd = fd;
xprt->xp_p2 = su;
+ xprt->xp_auth = NULL;
xprt->xp_verf.oa_base = su->su_verfbody;
svc_dg_ops(xprt);
xprt->xp_rtaddr.maxlen = sizeof (struct sockaddr_storage);
bool_t stat = FALSE;
size_t slen;
+ xdrproc_t xdr_results;
+ caddr_t xdr_location;
+ bool_t has_args;
+
+ if (msg->rm_reply.rp_stat == MSG_ACCEPTED &&
+ msg->rm_reply.rp_acpt.ar_stat == SUCCESS) {
+ has_args = TRUE;
+ xdr_results = msg->acpted_rply.ar_results.proc;
+ xdr_location = msg->acpted_rply.ar_results.where;
+
+ msg->acpted_rply.ar_results.proc = (xdrproc_t)xdr_void;
+ msg->acpted_rply.ar_results.where = NULL;
+ } else
+ has_args = FALSE;
+
xdrs->x_op = XDR_ENCODE;
XDR_SETPOS(xdrs, 0);
msg->rm_xid = su->su_xid;
- if (xdr_replymsg(xdrs, msg)) {
+ if (xdr_replymsg(xdrs, msg) &&
+ (!has_args ||
+ (SVCAUTH_WRAP(xprt->xp_auth, xdrs, xdr_results, xdr_location)))) {
struct msghdr *msg = &su->su_msghdr;
struct iovec iov;
xdrproc_t xdr_args;
void *args_ptr;
{
- return (*xdr_args)(&(su_data(xprt)->su_xdrs), args_ptr);
+ if (! SVCAUTH_UNWRAP(xprt->xp_auth, &(su_data(xprt)->su_xdrs),
+ xdr_args, args_ptr)) {
+ (void)svc_freeargs(xprt, xdr_args, args_ptr);
+ return FALSE;
+ }
+ return TRUE;
}
static bool_t
xprt_unregister(xprt);
if (xprt->xp_fd != -1)
(void)close(xprt->xp_fd);
+ if (xprt->xp_auth != NULL) {
+ SVCAUTH_DESTROY(xprt->xp_auth);
+ xprt->xp_auth = NULL;
+ }
XDR_DESTROY(&(su->su_xdrs));
(void) mem_free(rpc_buffer(xprt), su->su_iosz);
(void) mem_free(su, sizeof (*su));
xprt->xp_p1 = r;
xprt->xp_p2 = NULL;
xprt->xp_p3 = NULL;
+ xprt->xp_auth = NULL;
xprt->xp_verf = _null_auth;
svc_vc_rendezvous_ops(xprt);
xprt->xp_port = (u_short)-1; /* It is the rendezvouser */
xdrrec_create(&(cd->xdrs), sendsize, recvsize,
xprt, read_vc, write_vc);
xprt->xp_p1 = cd;
+ xprt->xp_auth = NULL;
xprt->xp_verf.oa_base = cd->verf_body;
svc_vc_ops(xprt); /* truely deals with calls */
xprt->xp_port = 0; /* this is a connection, not a rendezvouser */
XDR_DESTROY(&(cd->xdrs));
mem_free(cd, sizeof(struct cf_conn));
}
+ if (xprt->xp_auth != NULL) {
+ SVCAUTH_DESTROY(xprt->xp_auth);
+ xprt->xp_auth = NULL;
+ }
if (xprt->xp_rtaddr.buf)
mem_free(xprt->xp_rtaddr.buf, xprt->xp_rtaddr.maxlen);
if (xprt->xp_ltaddr.buf)
assert(xprt != NULL);
/* args_ptr may be NULL */
- return ((*xdr_args)(&(((struct cf_conn *)(xprt->xp_p1))->xdrs),
- args_ptr));
+
+ if (! SVCAUTH_UNWRAP(xprt->xp_auth,
+ &(((struct cf_conn *)(xprt->xp_p1))->xdrs),
+ xdr_args, args_ptr)) {
+ return FALSE;
+ }
+ return TRUE;
}
static bool_t
XDR *xdrs;
bool_t rstat;
+ xdrproc_t xdr_results;
+ caddr_t xdr_location;
+ bool_t has_args;
+
assert(xprt != NULL);
assert(msg != NULL);
cd = (struct cf_conn *)(xprt->xp_p1);
xdrs = &(cd->xdrs);
+ if (msg->rm_reply.rp_stat == MSG_ACCEPTED &&
+ msg->rm_reply.rp_acpt.ar_stat == SUCCESS) {
+ has_args = TRUE;
+ xdr_results = msg->acpted_rply.ar_results.proc;
+ xdr_location = msg->acpted_rply.ar_results.where;
+
+ msg->acpted_rply.ar_results.proc = (xdrproc_t)xdr_void;
+ msg->acpted_rply.ar_results.where = NULL;
+ } else
+ has_args = FALSE;
+
xdrs->x_op = XDR_ENCODE;
msg->rm_xid = cd->x_id;
- rstat = xdr_replymsg(xdrs, msg);
+ rstat = FALSE;
+ if (xdr_replymsg(xdrs, msg) &&
+ (!has_args ||
+ (SVCAUTH_WRAP(xprt->xp_auth, xdrs, xdr_results, xdr_location)))) {
+ rstat = TRUE;
+ }
(void)xdrrec_endofrecord(xdrs, TRUE);
return (rstat);
}
/*
* Interface to server-side authentication flavors.
*/
-typedef struct {
+typedef struct SVCAUTH {
struct svc_auth_ops {
- int (*svc_ah_wrap)(void);
- int (*svc_ah_unwrap)(void);
- int (*svc_ah_destroy)(void);
+ int (*svc_ah_wrap)(struct SVCAUTH *, XDR *, xdrproc_t,
+ caddr_t);
+ int (*svc_ah_unwrap)(struct SVCAUTH *, XDR *, xdrproc_t,
+ caddr_t);
+ int (*svc_ah_destroy)(struct SVCAUTH *);
} *svc_ah_ops;
caddr_t svc_ah_private;
} SVCAUTH;
-#define SVCAUTH_DESTROY(cred) ((*(cred)->svc_ah_ops->svc_ah_destroy)())
-#define svcauth_destroy(cred) ((*(cred)->svc_ah_ops->svc_ah_destroy)())
+#define SVCAUTH_WRAP(auth, xdrs, xfunc, xwhere) \
+ ((*((auth)->svc_ah_ops->svc_ah_wrap))(auth, xdrs, xfunc, xwhere))
+#define SVCAUTH_UNWRAP(auth, xdrs, xfunc, xwhere) \
+ ((*((auth)->svc_ah_ops->svc_ah_unwrap))(auth, xdrs, xfunc, xwhere))
+#define SVCAUTH_DESTROY(auth) \
+ ((*((auth)->svc_ah_ops->svc_ah_destroy))(auth))
/*
* Server side authenticator
projects / libtirpc / commitdiff