1dfdcada3SDoug Rabson /* $NetBSD: auth_unix.c,v 1.18 2000/07/06 03:03:30 christos Exp $ */
2dfdcada3SDoug Rabson
32e322d37SHiroki Sato /*-
451369649SPedro F. Giffuni * SPDX-License-Identifier: BSD-3-Clause
551369649SPedro F. Giffuni *
62e322d37SHiroki Sato * Copyright (c) 2009, Sun Microsystems, Inc.
72e322d37SHiroki Sato * All rights reserved.
8dfdcada3SDoug Rabson *
92e322d37SHiroki Sato * Redistribution and use in source and binary forms, with or without
102e322d37SHiroki Sato * modification, are permitted provided that the following conditions are met:
112e322d37SHiroki Sato * - Redistributions of source code must retain the above copyright notice,
122e322d37SHiroki Sato * this list of conditions and the following disclaimer.
132e322d37SHiroki Sato * - Redistributions in binary form must reproduce the above copyright notice,
142e322d37SHiroki Sato * this list of conditions and the following disclaimer in the documentation
152e322d37SHiroki Sato * and/or other materials provided with the distribution.
162e322d37SHiroki Sato * - Neither the name of Sun Microsystems, Inc. nor the names of its
172e322d37SHiroki Sato * contributors may be used to endorse or promote products derived
182e322d37SHiroki Sato * from this software without specific prior written permission.
19dfdcada3SDoug Rabson *
202e322d37SHiroki Sato * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
212e322d37SHiroki Sato * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
222e322d37SHiroki Sato * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
232e322d37SHiroki Sato * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
242e322d37SHiroki Sato * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
252e322d37SHiroki Sato * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
262e322d37SHiroki Sato * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
272e322d37SHiroki Sato * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
282e322d37SHiroki Sato * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
292e322d37SHiroki Sato * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
302e322d37SHiroki Sato * POSSIBILITY OF SUCH DAMAGE.
31dfdcada3SDoug Rabson */
32dfdcada3SDoug Rabson
33dfdcada3SDoug Rabson #include <sys/cdefs.h>
34dfdcada3SDoug Rabson /*
35dfdcada3SDoug Rabson * auth_unix.c, Implements UNIX style authentication parameters.
36dfdcada3SDoug Rabson *
37dfdcada3SDoug Rabson * Copyright (C) 1984, Sun Microsystems, Inc.
38dfdcada3SDoug Rabson *
39dfdcada3SDoug Rabson * The system is very weak. The client uses no encryption for it's
40dfdcada3SDoug Rabson * credentials and only sends null verifiers. The server sends backs
41dfdcada3SDoug Rabson * null verifiers or optionally a verifier that suggests a new short hand
42dfdcada3SDoug Rabson * for the credentials.
43dfdcada3SDoug Rabson *
44dfdcada3SDoug Rabson */
45dfdcada3SDoug Rabson
46dfdcada3SDoug Rabson #include <sys/param.h>
47dfdcada3SDoug Rabson #include <sys/systm.h>
48c675522fSDoug Rabson #include <sys/hash.h>
49c675522fSDoug Rabson #include <sys/kernel.h>
50dfdcada3SDoug Rabson #include <sys/lock.h>
51dfdcada3SDoug Rabson #include <sys/malloc.h>
529458af18SDoug Rabson #include <sys/pcpu.h>
536dc0afa8SDoug Rabson #include <sys/refcount.h>
54c675522fSDoug Rabson #include <sys/sx.h>
55dfdcada3SDoug Rabson #include <sys/ucred.h>
56dfdcada3SDoug Rabson
57dfdcada3SDoug Rabson #include <rpc/types.h>
58dfdcada3SDoug Rabson #include <rpc/xdr.h>
59dfdcada3SDoug Rabson #include <rpc/auth.h>
60a9148abdSDoug Rabson #include <rpc/clnt.h>
61dfdcada3SDoug Rabson
62ee31b83aSDoug Rabson #include <rpc/rpc_com.h>
63dfdcada3SDoug Rabson
64dfdcada3SDoug Rabson /* auth_unix.c */
65dfdcada3SDoug Rabson static void authunix_nextverf (AUTH *);
66a9148abdSDoug Rabson static bool_t authunix_marshal (AUTH *, uint32_t, XDR *, struct mbuf *);
67a9148abdSDoug Rabson static bool_t authunix_validate (AUTH *, uint32_t, struct opaque_auth *,
68a9148abdSDoug Rabson struct mbuf **);
69dfdcada3SDoug Rabson static bool_t authunix_refresh (AUTH *, void *);
70dfdcada3SDoug Rabson static void authunix_destroy (AUTH *);
71dfdcada3SDoug Rabson static void marshal_new_auth (AUTH *);
72dfdcada3SDoug Rabson
7320d728b5SMark Johnston static const struct auth_ops authunix_ops = {
74dfdcada3SDoug Rabson .ah_nextverf = authunix_nextverf,
75dfdcada3SDoug Rabson .ah_marshal = authunix_marshal,
76dfdcada3SDoug Rabson .ah_validate = authunix_validate,
77dfdcada3SDoug Rabson .ah_refresh = authunix_refresh,
78a9148abdSDoug Rabson .ah_destroy = authunix_destroy,
79dfdcada3SDoug Rabson };
80dfdcada3SDoug Rabson
81dfdcada3SDoug Rabson /*
82dfdcada3SDoug Rabson * This struct is pointed to by the ah_private field of an auth_handle.
83dfdcada3SDoug Rabson */
84dfdcada3SDoug Rabson struct audata {
85c675522fSDoug Rabson TAILQ_ENTRY(audata) au_link;
86c675522fSDoug Rabson TAILQ_ENTRY(audata) au_alllink;
876dc0afa8SDoug Rabson volatile u_int au_refs;
88c675522fSDoug Rabson struct xucred au_xcred;
89dfdcada3SDoug Rabson struct opaque_auth au_origcred; /* original credentials */
90dfdcada3SDoug Rabson struct opaque_auth au_shcred; /* short hand cred */
91dfdcada3SDoug Rabson u_long au_shfaults; /* short hand cache faults */
92dfdcada3SDoug Rabson char au_marshed[MAX_AUTH_BYTES];
93dfdcada3SDoug Rabson u_int au_mpos; /* xdr pos at end of marshed */
94c675522fSDoug Rabson AUTH *au_auth; /* link back to AUTH */
95dfdcada3SDoug Rabson };
96c675522fSDoug Rabson TAILQ_HEAD(audata_list, audata);
97dfdcada3SDoug Rabson #define AUTH_PRIVATE(auth) ((struct audata *)auth->ah_private)
98dfdcada3SDoug Rabson
99c675522fSDoug Rabson #define AUTH_UNIX_HASH_SIZE 16
100c675522fSDoug Rabson #define AUTH_UNIX_MAX 256
101c675522fSDoug Rabson static struct audata_list auth_unix_cache[AUTH_UNIX_HASH_SIZE];
102c675522fSDoug Rabson static struct audata_list auth_unix_all;
103c675522fSDoug Rabson static struct sx auth_unix_lock;
104c675522fSDoug Rabson static int auth_unix_count;
105c675522fSDoug Rabson
106c675522fSDoug Rabson static void
authunix_init(void * dummy)107c675522fSDoug Rabson authunix_init(void *dummy)
108c675522fSDoug Rabson {
109c675522fSDoug Rabson int i;
110c675522fSDoug Rabson
111c675522fSDoug Rabson for (i = 0; i < AUTH_UNIX_HASH_SIZE; i++)
112c675522fSDoug Rabson TAILQ_INIT(&auth_unix_cache[i]);
113c675522fSDoug Rabson TAILQ_INIT(&auth_unix_all);
114c675522fSDoug Rabson sx_init(&auth_unix_lock, "auth_unix_lock");
115c675522fSDoug Rabson }
116c675522fSDoug Rabson SYSINIT(authunix_init, SI_SUB_KMEM, SI_ORDER_ANY, authunix_init, NULL);
117c675522fSDoug Rabson
118dfdcada3SDoug Rabson /*
119dfdcada3SDoug Rabson * Create a unix style authenticator.
120dfdcada3SDoug Rabson * Returns an auth handle with the given stuff in it.
121dfdcada3SDoug Rabson */
122dfdcada3SDoug Rabson AUTH *
authunix_create(struct ucred * cred)123dfdcada3SDoug Rabson authunix_create(struct ucred *cred)
124dfdcada3SDoug Rabson {
125c675522fSDoug Rabson uint32_t h, th;
126dfdcada3SDoug Rabson struct xucred xcr;
127dfdcada3SDoug Rabson char mymem[MAX_AUTH_BYTES];
128dfdcada3SDoug Rabson XDR xdrs;
129dfdcada3SDoug Rabson AUTH *auth;
130c675522fSDoug Rabson struct audata *au, *tau;
131dfdcada3SDoug Rabson struct timeval now;
132dfdcada3SDoug Rabson uint32_t time;
133dfdcada3SDoug Rabson int len;
134dfdcada3SDoug Rabson
135c675522fSDoug Rabson if (auth_unix_count > AUTH_UNIX_MAX) {
136c675522fSDoug Rabson while (auth_unix_count > AUTH_UNIX_MAX) {
137c675522fSDoug Rabson sx_xlock(&auth_unix_lock);
138c675522fSDoug Rabson tau = TAILQ_FIRST(&auth_unix_all);
139c675522fSDoug Rabson th = HASHSTEP(HASHINIT, tau->au_xcred.cr_uid)
140c675522fSDoug Rabson % AUTH_UNIX_HASH_SIZE;
141c675522fSDoug Rabson TAILQ_REMOVE(&auth_unix_cache[th], tau, au_link);
142c675522fSDoug Rabson TAILQ_REMOVE(&auth_unix_all, tau, au_alllink);
143c675522fSDoug Rabson auth_unix_count--;
144c675522fSDoug Rabson sx_xunlock(&auth_unix_lock);
145c675522fSDoug Rabson AUTH_DESTROY(tau->au_auth);
146c675522fSDoug Rabson }
147c675522fSDoug Rabson }
148c675522fSDoug Rabson
149c675522fSDoug Rabson /*
150c675522fSDoug Rabson * Hash the uid to see if we already have an AUTH with this cred.
151c675522fSDoug Rabson */
152c675522fSDoug Rabson h = HASHSTEP(HASHINIT, cred->cr_uid) % AUTH_UNIX_HASH_SIZE;
153c675522fSDoug Rabson cru2x(cred, &xcr);
154c675522fSDoug Rabson again:
155c675522fSDoug Rabson sx_slock(&auth_unix_lock);
156c675522fSDoug Rabson TAILQ_FOREACH(au, &auth_unix_cache[h], au_link) {
157c675522fSDoug Rabson if (!memcmp(&xcr, &au->au_xcred, sizeof(xcr))) {
1586dc0afa8SDoug Rabson refcount_acquire(&au->au_refs);
159c675522fSDoug Rabson if (sx_try_upgrade(&auth_unix_lock)) {
160c675522fSDoug Rabson /*
161c675522fSDoug Rabson * Keep auth_unix_all LRU sorted.
162c675522fSDoug Rabson */
163c675522fSDoug Rabson TAILQ_REMOVE(&auth_unix_all, au, au_alllink);
164c675522fSDoug Rabson TAILQ_INSERT_TAIL(&auth_unix_all, au,
165c675522fSDoug Rabson au_alllink);
166c675522fSDoug Rabson sx_xunlock(&auth_unix_lock);
167c675522fSDoug Rabson } else {
168c675522fSDoug Rabson sx_sunlock(&auth_unix_lock);
1696dc0afa8SDoug Rabson }
1706dc0afa8SDoug Rabson return (au->au_auth);
171c675522fSDoug Rabson }
172c675522fSDoug Rabson }
1736dc0afa8SDoug Rabson
1746dc0afa8SDoug Rabson sx_sunlock(&auth_unix_lock);
175c675522fSDoug Rabson
176dfdcada3SDoug Rabson /*
177dfdcada3SDoug Rabson * Allocate and set up auth handle
178dfdcada3SDoug Rabson */
179dfdcada3SDoug Rabson au = NULL;
180dfdcada3SDoug Rabson auth = mem_alloc(sizeof(*auth));
181dfdcada3SDoug Rabson au = mem_alloc(sizeof(*au));
182dfdcada3SDoug Rabson auth->ah_ops = &authunix_ops;
183dfdcada3SDoug Rabson auth->ah_private = (caddr_t)au;
184dfdcada3SDoug Rabson auth->ah_verf = au->au_shcred = _null_auth;
1856dc0afa8SDoug Rabson refcount_init(&au->au_refs, 1);
186c675522fSDoug Rabson au->au_xcred = xcr;
187dfdcada3SDoug Rabson au->au_shfaults = 0;
188dfdcada3SDoug Rabson au->au_origcred.oa_base = NULL;
189c675522fSDoug Rabson au->au_auth = auth;
190dfdcada3SDoug Rabson
191dfdcada3SDoug Rabson getmicrotime(&now);
192dfdcada3SDoug Rabson time = now.tv_sec;
193dfdcada3SDoug Rabson
194dfdcada3SDoug Rabson /*
195dfdcada3SDoug Rabson * Serialize the parameters into origcred
196dfdcada3SDoug Rabson */
197dfdcada3SDoug Rabson xdrmem_create(&xdrs, mymem, MAX_AUTH_BYTES, XDR_ENCODE);
198dfdcada3SDoug Rabson cru2x(cred, &xcr);
199dfdcada3SDoug Rabson if (! xdr_authunix_parms(&xdrs, &time, &xcr))
200dfdcada3SDoug Rabson panic("authunix_create: failed to encode creds");
201dfdcada3SDoug Rabson au->au_origcred.oa_length = len = XDR_GETPOS(&xdrs);
202dfdcada3SDoug Rabson au->au_origcred.oa_flavor = AUTH_UNIX;
203dfdcada3SDoug Rabson au->au_origcred.oa_base = mem_alloc((u_int) len);
204dfdcada3SDoug Rabson memcpy(au->au_origcred.oa_base, mymem, (size_t)len);
205dfdcada3SDoug Rabson
206dfdcada3SDoug Rabson /*
207dfdcada3SDoug Rabson * set auth handle to reflect new cred.
208dfdcada3SDoug Rabson */
209dfdcada3SDoug Rabson auth->ah_cred = au->au_origcred;
210dfdcada3SDoug Rabson marshal_new_auth(auth);
211c675522fSDoug Rabson
2126dc0afa8SDoug Rabson sx_xlock(&auth_unix_lock);
2136dc0afa8SDoug Rabson TAILQ_FOREACH(tau, &auth_unix_cache[h], au_link) {
2146dc0afa8SDoug Rabson if (!memcmp(&xcr, &tau->au_xcred, sizeof(xcr))) {
2156dc0afa8SDoug Rabson /*
2166dc0afa8SDoug Rabson * We lost a race to create the AUTH that
2176dc0afa8SDoug Rabson * matches this cred.
2186dc0afa8SDoug Rabson */
219c675522fSDoug Rabson sx_xunlock(&auth_unix_lock);
220c675522fSDoug Rabson AUTH_DESTROY(auth);
221c675522fSDoug Rabson goto again;
222dfdcada3SDoug Rabson }
223dfdcada3SDoug Rabson }
224dfdcada3SDoug Rabson
2256dc0afa8SDoug Rabson auth_unix_count++;
2266dc0afa8SDoug Rabson TAILQ_INSERT_TAIL(&auth_unix_cache[h], au, au_link);
2276dc0afa8SDoug Rabson TAILQ_INSERT_TAIL(&auth_unix_all, au, au_alllink);
2286dc0afa8SDoug Rabson refcount_acquire(&au->au_refs); /* one for the cache, one for user */
2296dc0afa8SDoug Rabson sx_xunlock(&auth_unix_lock);
2306dc0afa8SDoug Rabson
2316dc0afa8SDoug Rabson return (auth);
2326dc0afa8SDoug Rabson }
2336dc0afa8SDoug Rabson
234dfdcada3SDoug Rabson /*
235dfdcada3SDoug Rabson * authunix operations
236dfdcada3SDoug Rabson */
237dfdcada3SDoug Rabson
238dfdcada3SDoug Rabson /* ARGSUSED */
239dfdcada3SDoug Rabson static void
authunix_nextverf(AUTH * auth)240dfdcada3SDoug Rabson authunix_nextverf(AUTH *auth)
241dfdcada3SDoug Rabson {
242dfdcada3SDoug Rabson /* no action necessary */
243dfdcada3SDoug Rabson }
244dfdcada3SDoug Rabson
245dfdcada3SDoug Rabson static bool_t
authunix_marshal(AUTH * auth,uint32_t xid,XDR * xdrs,struct mbuf * args)246a9148abdSDoug Rabson authunix_marshal(AUTH *auth, uint32_t xid, XDR *xdrs, struct mbuf *args)
247dfdcada3SDoug Rabson {
248dfdcada3SDoug Rabson struct audata *au;
249dfdcada3SDoug Rabson
250dfdcada3SDoug Rabson au = AUTH_PRIVATE(auth);
251a9148abdSDoug Rabson if (!XDR_PUTBYTES(xdrs, au->au_marshed, au->au_mpos))
252a9148abdSDoug Rabson return (FALSE);
253a9148abdSDoug Rabson
254*66612e67SGleb Smirnoff return (xdr_putmbuf(xdrs, args));
255dfdcada3SDoug Rabson }
256dfdcada3SDoug Rabson
257dfdcada3SDoug Rabson static bool_t
authunix_validate(AUTH * auth,uint32_t xid,struct opaque_auth * verf,struct mbuf ** mrepp)258a9148abdSDoug Rabson authunix_validate(AUTH *auth, uint32_t xid, struct opaque_auth *verf,
259a9148abdSDoug Rabson struct mbuf **mrepp)
260dfdcada3SDoug Rabson {
261dfdcada3SDoug Rabson struct audata *au;
262a9148abdSDoug Rabson XDR txdrs;
263a9148abdSDoug Rabson
264a9148abdSDoug Rabson if (!verf)
265a9148abdSDoug Rabson return (TRUE);
266dfdcada3SDoug Rabson
267dfdcada3SDoug Rabson if (verf->oa_flavor == AUTH_SHORT) {
268dfdcada3SDoug Rabson au = AUTH_PRIVATE(auth);
269a9148abdSDoug Rabson xdrmem_create(&txdrs, verf->oa_base, verf->oa_length,
270dfdcada3SDoug Rabson XDR_DECODE);
271dfdcada3SDoug Rabson
272dfdcada3SDoug Rabson if (au->au_shcred.oa_base != NULL) {
273dfdcada3SDoug Rabson mem_free(au->au_shcred.oa_base,
274dfdcada3SDoug Rabson au->au_shcred.oa_length);
275dfdcada3SDoug Rabson au->au_shcred.oa_base = NULL;
276dfdcada3SDoug Rabson }
277a9148abdSDoug Rabson if (xdr_opaque_auth(&txdrs, &au->au_shcred)) {
278dfdcada3SDoug Rabson auth->ah_cred = au->au_shcred;
279dfdcada3SDoug Rabson } else {
280a9148abdSDoug Rabson txdrs.x_op = XDR_FREE;
281a9148abdSDoug Rabson (void)xdr_opaque_auth(&txdrs, &au->au_shcred);
282dfdcada3SDoug Rabson au->au_shcred.oa_base = NULL;
283dfdcada3SDoug Rabson auth->ah_cred = au->au_origcred;
284dfdcada3SDoug Rabson }
285dfdcada3SDoug Rabson marshal_new_auth(auth);
286dfdcada3SDoug Rabson }
287a9148abdSDoug Rabson
288dfdcada3SDoug Rabson return (TRUE);
289dfdcada3SDoug Rabson }
290dfdcada3SDoug Rabson
291dfdcada3SDoug Rabson static bool_t
authunix_refresh(AUTH * auth,void * dummy)292dfdcada3SDoug Rabson authunix_refresh(AUTH *auth, void *dummy)
293dfdcada3SDoug Rabson {
294dfdcada3SDoug Rabson struct audata *au = AUTH_PRIVATE(auth);
295dfdcada3SDoug Rabson struct xucred xcr;
296dfdcada3SDoug Rabson uint32_t time;
297dfdcada3SDoug Rabson struct timeval now;
298dfdcada3SDoug Rabson XDR xdrs;
299dfdcada3SDoug Rabson int stat;
300dfdcada3SDoug Rabson
301dfdcada3SDoug Rabson if (auth->ah_cred.oa_base == au->au_origcred.oa_base) {
302dfdcada3SDoug Rabson /* there is no hope. Punt */
303dfdcada3SDoug Rabson return (FALSE);
304dfdcada3SDoug Rabson }
305dfdcada3SDoug Rabson au->au_shfaults ++;
306dfdcada3SDoug Rabson
307dfdcada3SDoug Rabson /* first deserialize the creds back into a struct ucred */
308dfdcada3SDoug Rabson xdrmem_create(&xdrs, au->au_origcred.oa_base,
309dfdcada3SDoug Rabson au->au_origcred.oa_length, XDR_DECODE);
310dfdcada3SDoug Rabson stat = xdr_authunix_parms(&xdrs, &time, &xcr);
311dfdcada3SDoug Rabson if (! stat)
312dfdcada3SDoug Rabson goto done;
313dfdcada3SDoug Rabson
314dfdcada3SDoug Rabson /* update the time and serialize in place */
315dfdcada3SDoug Rabson getmicrotime(&now);
316dfdcada3SDoug Rabson time = now.tv_sec;
317dfdcada3SDoug Rabson xdrs.x_op = XDR_ENCODE;
318dfdcada3SDoug Rabson XDR_SETPOS(&xdrs, 0);
319dfdcada3SDoug Rabson
320dfdcada3SDoug Rabson stat = xdr_authunix_parms(&xdrs, &time, &xcr);
321dfdcada3SDoug Rabson if (! stat)
322dfdcada3SDoug Rabson goto done;
323dfdcada3SDoug Rabson auth->ah_cred = au->au_origcred;
324dfdcada3SDoug Rabson marshal_new_auth(auth);
325dfdcada3SDoug Rabson done:
326dfdcada3SDoug Rabson XDR_DESTROY(&xdrs);
327dfdcada3SDoug Rabson return (stat);
328dfdcada3SDoug Rabson }
329dfdcada3SDoug Rabson
330dfdcada3SDoug Rabson static void
authunix_destroy(AUTH * auth)331dfdcada3SDoug Rabson authunix_destroy(AUTH *auth)
332dfdcada3SDoug Rabson {
333dfdcada3SDoug Rabson struct audata *au;
334dfdcada3SDoug Rabson
335dfdcada3SDoug Rabson au = AUTH_PRIVATE(auth);
336c675522fSDoug Rabson
3376dc0afa8SDoug Rabson if (!refcount_release(&au->au_refs))
338c675522fSDoug Rabson return;
339c675522fSDoug Rabson
340dfdcada3SDoug Rabson mem_free(au->au_origcred.oa_base, au->au_origcred.oa_length);
341dfdcada3SDoug Rabson
342dfdcada3SDoug Rabson if (au->au_shcred.oa_base != NULL)
343dfdcada3SDoug Rabson mem_free(au->au_shcred.oa_base, au->au_shcred.oa_length);
344dfdcada3SDoug Rabson
345dfdcada3SDoug Rabson mem_free(auth->ah_private, sizeof(struct audata));
346dfdcada3SDoug Rabson
347dfdcada3SDoug Rabson if (auth->ah_verf.oa_base != NULL)
348dfdcada3SDoug Rabson mem_free(auth->ah_verf.oa_base, auth->ah_verf.oa_length);
349dfdcada3SDoug Rabson
350dfdcada3SDoug Rabson mem_free(auth, sizeof(*auth));
351dfdcada3SDoug Rabson }
352dfdcada3SDoug Rabson
353dfdcada3SDoug Rabson /*
354dfdcada3SDoug Rabson * Marshals (pre-serializes) an auth struct.
355dfdcada3SDoug Rabson * sets private data, au_marshed and au_mpos
356dfdcada3SDoug Rabson */
357dfdcada3SDoug Rabson static void
marshal_new_auth(AUTH * auth)358dfdcada3SDoug Rabson marshal_new_auth(AUTH *auth)
359dfdcada3SDoug Rabson {
360dfdcada3SDoug Rabson XDR xdr_stream;
361dfdcada3SDoug Rabson XDR *xdrs = &xdr_stream;
362dfdcada3SDoug Rabson struct audata *au;
363dfdcada3SDoug Rabson
364dfdcada3SDoug Rabson au = AUTH_PRIVATE(auth);
365dfdcada3SDoug Rabson xdrmem_create(xdrs, au->au_marshed, MAX_AUTH_BYTES, XDR_ENCODE);
366dfdcada3SDoug Rabson if ((! xdr_opaque_auth(xdrs, &(auth->ah_cred))) ||
367dfdcada3SDoug Rabson (! xdr_opaque_auth(xdrs, &(auth->ah_verf))))
368dfdcada3SDoug Rabson printf("auth_none.c - Fatal marshalling problem");
369dfdcada3SDoug Rabson else
370dfdcada3SDoug Rabson au->au_mpos = XDR_GETPOS(xdrs);
371dfdcada3SDoug Rabson XDR_DESTROY(xdrs);
372dfdcada3SDoug Rabson }
373