xref: /freebsd/lib/libc/rpc/svc_auth.c (revision 61ba55bcf70f2340f9c943c9571113b3fd8eda69) 
1 /*	$NetBSD: svc_auth.c,v 1.12 2000/07/06 03:10:35 christos Exp $	*/
2 
3 /*-
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  * Copyright (c) 2009, Sun Microsystems, Inc.
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions are met:
11  * - Redistributions of source code must retain the above copyright notice,
12  *   this list of conditions and the following disclaimer.
13  * - Redistributions in binary form must reproduce the above copyright notice,
14  *   this list of conditions and the following disclaimer in the documentation
15  *   and/or other materials provided with the distribution.
16  * - Neither the name of Sun Microsystems, Inc. nor the names of its
17  *   contributors may be used to endorse or promote products derived
18  *   from this software without specific prior written permission.
19  *
20  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
24  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30  * POSSIBILITY OF SUCH DAMAGE.
31  */
32 /*
33  * Copyright (c) 1986-1991 by Sun Microsystems Inc.
34  */
35 
36 #if defined(LIBC_SCCS) && !defined(lint)
37 #ident	"@(#)svc_auth.c	1.16	94/04/24 SMI"
38 static char sccsid[] = "@(#)svc_auth.c 1.26 89/02/07 Copyr 1984 Sun Micro";
39 #endif
40 #include <sys/cdefs.h>
41 /*
42  * svc_auth.c, Server-side rpc authenticator interface.
43  *
44  */
45 
46 #include "namespace.h"
47 #include "reentrant.h"
48 #include <sys/types.h>
49 #include <rpc/rpc.h>
50 #include <stdlib.h>
51 #include "un-namespace.h"
52 #include "mt_misc.h"
53 
54 /*
55  * svcauthsw is the bdevsw of server side authentication.
56  *
57  * Server side authenticators are called from authenticate by
58  * using the client auth struct flavor field to index into svcauthsw.
59  * The server auth flavors must implement a routine that looks
60  * like:
61  *
62  *	enum auth_stat
63  *	flavorx_auth(rqst, msg)
64  *		struct svc_req *rqst;
65  *		struct rpc_msg *msg;
66  *
67  */
68 
69 /* declarations to allow servers to specify new authentication flavors */
70 struct authsvc {
71 	int	flavor;
72 	enum	auth_stat (*handler)(struct svc_req *, struct rpc_msg *);
73 	struct	authsvc	  *next;
74 };
75 static struct authsvc *Auths = NULL;
76 
77 struct svc_auth_ops svc_auth_null_ops;
78 
79 /*
80  * The call rpc message, msg has been obtained from the wire.  The msg contains
81  * the raw form of credentials and verifiers.  authenticate returns AUTH_OK
82  * if the msg is successfully authenticated.  If AUTH_OK then the routine also
83  * does the following things:
84  * set rqst->rq_xprt->verf to the appropriate response verifier;
85  * sets rqst->rq_client_cred to the "cooked" form of the credentials.
86  *
87  * NB: rqst->rq_cxprt->verf must be pre-allocated;
88  * its length is set appropriately.
89  *
90  * The caller still owns and is responsible for msg->u.cmb.cred and
91  * msg->u.cmb.verf.  The authentication system retains ownership of
92  * rqst->rq_client_cred, the cooked credentials.
93  *
94  * There is an assumption that any flavour less than AUTH_NULL is
95  * invalid.
96  */
97 enum auth_stat
98 _authenticate(struct svc_req *rqst, struct rpc_msg *msg)
99 {
100 	int cred_flavor;
101 	struct authsvc *asp;
102 	enum auth_stat dummy;
103 
104 /* VARIABLES PROTECTED BY authsvc_lock: asp, Auths */
105 
106 	rqst->rq_cred = msg->rm_call.cb_cred;
107 	SVC_AUTH(rqst->rq_xprt).svc_ah_ops = &svc_auth_null_ops;
108 	SVC_AUTH(rqst->rq_xprt).svc_ah_private = NULL;
109 	rqst->rq_xprt->xp_verf.oa_flavor = _null_auth.oa_flavor;
110 	rqst->rq_xprt->xp_verf.oa_length = 0;
111 	cred_flavor = rqst->rq_cred.oa_flavor;
112 	switch (cred_flavor) {
113 	case AUTH_NULL:
114 		dummy = _svcauth_null(rqst, msg);
115 		return (dummy);
116 	case AUTH_SYS:
117 		dummy = _svcauth_unix(rqst, msg);
118 		return (dummy);
119 	case AUTH_SHORT:
120 		dummy = _svcauth_short(rqst, msg);
121 		return (dummy);
122 #ifdef DES_BUILTIN
123 	case AUTH_DES:
124 		dummy = _svcauth_des(rqst, msg);
125 		return (dummy);
126 #endif
127 	default:
128 		break;
129 	}
130 
131 	/* flavor doesn't match any of the builtin types, so try new ones */
132 	mutex_lock(&authsvc_lock);
133 	for (asp = Auths; asp; asp = asp->next) {
134 		if (asp->flavor == cred_flavor) {
135 			enum auth_stat as;
136 
137 			as = (*asp->handler)(rqst, msg);
138 			mutex_unlock(&authsvc_lock);
139 			return (as);
140 		}
141 	}
142 	mutex_unlock(&authsvc_lock);
143 
144 	return (AUTH_REJECTEDCRED);
145 }
146 
147 /*
148  * A set of null auth methods used by any authentication protocols
149  * that don't need to inspect or modify the message body.
150  */
151 static bool_t
152 svcauth_null_wrap(SVCAUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr)
153 {
154 
155 	return (xdr_func(xdrs, xdr_ptr));
156 }
157 
158 struct svc_auth_ops svc_auth_null_ops = {
159 	svcauth_null_wrap,
160 	svcauth_null_wrap,
161 };
162 
163 /*ARGSUSED*/
164 enum auth_stat
165 _svcauth_null(struct svc_req *rqst, struct rpc_msg *msg)
166 {
167 	return (AUTH_OK);
168 }
169 
170 /*
171  *  Allow the rpc service to register new authentication types that it is
172  *  prepared to handle.  When an authentication flavor is registered,
173  *  the flavor is checked against already registered values.  If not
174  *  registered, then a new Auths entry is added on the list.
175  *
176  *  There is no provision to delete a registration once registered.
177  *
178  *  This routine returns:
179  *	 0 if registration successful
180  *	 1 if flavor already registered
181  *	-1 if can't register (errno set)
182  */
183 
184 int
185 svc_auth_reg(int cred_flavor,
186     enum auth_stat (*handler)(struct svc_req *, struct rpc_msg *))
187 {
188 	struct authsvc *asp;
189 
190 	switch (cred_flavor) {
191 	    case AUTH_NULL:
192 	    case AUTH_SYS:
193 	    case AUTH_SHORT:
194 #ifdef DES_BUILTIN
195 	    case AUTH_DES:
196 #endif
197 		/* already registered */
198 		return (1);
199 
200 	    default:
201 		mutex_lock(&authsvc_lock);
202 		for (asp = Auths; asp; asp = asp->next) {
203 			if (asp->flavor == cred_flavor) {
204 				/* already registered */
205 				mutex_unlock(&authsvc_lock);
206 				return (1);
207 			}
208 		}
209 
210 		/* this is a new one, so go ahead and register it */
211 		asp = mem_alloc(sizeof (*asp));
212 		if (asp == NULL) {
213 			mutex_unlock(&authsvc_lock);
214 			return (-1);
215 		}
216 		asp->flavor = cred_flavor;
217 		asp->handler = handler;
218 		asp->next = Auths;
219 		Auths = asp;
220 		mutex_unlock(&authsvc_lock);
221 		break;
222 	}
223 	return (0);
224 }
225