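/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
 */

/*
 * Copyright 2003 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

/*
 * Kernel code to obtain client handle to gssd server
 */

#include <sys/types.h>
#include <gssapi/gssapi.h>
#include <gssapi/gssd_prot.h>
#include <gssapi/kgssapi_defs.h>

#include <sys/systm.h>
#include <sys/vnode.h>
#include <sys/uio.h>
#include <sys/pathname.h>

/* Retry count handed to clnt_tli_kcreate() when building the gssd handle. */
#define GSSD_RETRY 5

/*
 * Serializes updates to the cached gssd address (gss_netaddr) in
 * getgssd_handle().  It is a single global lock shared by all zones.
 * Its initialization is not in this file.
 */
kmutex_t gssrpcb_lock;

/* Key used with zone_getspecific() to find the per-zone gss_globals. */
zone_key_t gss_zone_key;

/*
 * Per-zone state used to reach gssd.
 */
struct gss_globals {
	/* Status of the last handle torn down by killgssd_handle(). */
	enum clnt_stat gss_last_stat;
	/* Cached gssd address as returned by rpcbind; buf is NULL when unset. */
	struct netbuf gss_netaddr;
	/* Transport description; knc_rdev == 0 means "not yet set up". */
	struct knetconfig gss_config;
};

/*
 * Allocate the zeroed per-zone gss_globals.
 *
 * Presumably registered as the create callback for gss_zone_key; the
 * registration is not in this file.  Zeroing matters: it leaves
 * gss_netaddr.buf NULL, gss_netaddr.len 0 and gss_config.knc_rdev 0,
 * which getgssd_handle() treats as "nothing cached yet".
 */
/* ARGSUSED */
void *
gss_zone_init(zoneid_t zoneid)
{
	struct gss_globals *gssg;

	gssg = kmem_zalloc(sizeof (*gssg), KM_SLEEP);
	return (gssg);
}

/*
 * Release the per-zone gss_globals, including any cached gssd address.
 *
 * Ownership of the address buffer is tracked by buf != NULL, the same
 * test getgssd_handle() uses before it frees the buffer.  Testing len
 * instead would leak the buffer if a lookup ever left a non-NULL buf
 * with a zero len.
 */
/* ARGSUSED */
void
gss_zone_fini(zoneid_t zoneid, void *data)
{
	struct gss_globals *gssg = data;
	struct netbuf *netaddrp;

	/* Nothing was allocated for this zone; nothing to release. */
	if (gssg == NULL)
		return;

	netaddrp = &gssg->gss_netaddr;
	if (netaddrp->buf != NULL)
		kmem_free(netaddrp->buf, netaddrp->maxlen);
	kmem_free(gssg, sizeof (*gssg));
}

/*
 * Tear down a handle obtained from getgssd_handle().
 *
 * The handle's final RPC status is recorded in the zone's gss_last_stat
 * first, so that the next getgssd_handle() call re-queries rpcbind when
 * the last use did not end in RPC_SUCCESS.
 *
 * NOTE(review): gss_last_stat is written here without gssrpcb_lock,
 * while getgssd_handle() reads it with the lock held -- confirm this
 * unlocked update is intentional.
 */
void
killgssd_handle(CLIENT *client)
{
	struct rpc_err rpcerr;
	struct gss_globals *gssg;

	gssg = zone_getspecific(gss_zone_key, curproc->p_zone);

	/* The error state must be read before the handle is destroyed. */
	CLNT_GETERR(client, &rpcerr);
	gssg->gss_last_stat = rpcerr.re_status;

	/* cl_auth is reached through the handle, so destroy it first. */
	AUTH_DESTROY(client->cl_auth);
	CLNT_DESTROY(client);
}

/*
 * Create an RPC client handle to gssd for the current process's zone.
 *
 * The transport is the loopback device /dev/ticotsord.  The address of
 * gssd is obtained from rpcbind and cached per zone.  It is looked up
 * again only when nothing is cached or the previous handle ended with a
 * status other than RPC_SUCCESS.  The address rpcbind returns is used
 * as-is, and the handle is created with kcred.
 *
 * Returns the new handle, or NULL if the device lookup, the rpcbind
 * query or the handle creation fails.  The caller releases the handle
 * with killgssd_handle().
 */
CLIENT *
getgssd_handle(void)
{
	/*
	 * Host part handed to rpcbind.  A netbuf is length-counted, so
	 * the terminating NUL of the literal is deliberately not copied.
	 */
	static const char rpcb_host[] = "localhost.";
	struct vnode *vp;
	int error;
	CLIENT *clnt;
	enum clnt_stat stat;
	struct netbuf tmpaddr;
	struct gss_globals *gssg;
	struct netbuf *netaddrp;
	dev_t rdev;

	gssg = zone_getspecific(gss_zone_key, curproc->p_zone);
	/*
	 * Cribbed from kerb_krpc.c. Really should do the config set up
	 * in the _init routine.
	 *
	 * NOTE(review): this setup runs without gssrpcb_lock.  knc_rdev
	 * doubles as the "already set up" flag, so it is stored last, to
	 * avoid advertising a configuration whose other fields are still
	 * unset.  That narrows the window but does not close it, because
	 * there is no memory barrier.  Doing the setup once at zone init
	 * would remove the race.
	 */
	if (gssg->gss_config.knc_rdev == 0) {
		if ((error = lookupname("/dev/ticotsord", UIO_SYSSPACE,
		    FOLLOW, NULLVPP, &vp)) != 0) {
			GSSLOG(1, "getgssd_handle: lookupname: %d\n", error);
			return (NULL);
		}
		rdev = vp->v_rdev;
		VN_RELE(vp);
		gssg->gss_config.knc_protofmly = loopback_name;
		gssg->gss_config.knc_semantics = NC_TPI_COTS_ORD;
		gssg->gss_config.knc_rdev = rdev;
	}

	/*
	 * Contact rpcbind to get gssd's address only
	 * once and re-use the address.
	 */
	mutex_enter(&gssrpcb_lock);
	netaddrp = &gssg->gss_netaddr;

	if (netaddrp->len == 0 || gssg->gss_last_stat != RPC_SUCCESS) {
		if (netaddrp->buf != NULL)
			kmem_free(netaddrp->buf, netaddrp->maxlen);

		/*
		 * Seed netaddr with the counted string "localhost."
		 * (10 bytes, no NUL).  bcopy is used because this is a
		 * fixed-length byte copy, not a C-string copy.
		 */
		netaddrp->len = netaddrp->maxlen = sizeof (rpcb_host) - 1;
		netaddrp->buf = kmem_alloc(netaddrp->len, KM_SLEEP);
		bcopy(rpcb_host, netaddrp->buf, netaddrp->len);

		/* Get address of gssd from rpcbind */
		stat = rpcbind_getaddr(&gssg->gss_config, GSSPROG, GSSVERS,
		    netaddrp);
		if (stat != RPC_SUCCESS) {
			/*
			 * Drop the cache entirely, so that the next call
			 * and gss_zone_fini() see an unset address.
			 */
			kmem_free(netaddrp->buf, netaddrp->maxlen);
			netaddrp->buf = NULL;
			netaddrp->len = netaddrp->maxlen = 0;
			mutex_exit(&gssrpcb_lock);
			return (NULL);
		}
	}

	/*
	 * Copy the netaddr information into a tmp location to
	 * be used by clnt_tli_kcreate. The purpose of this
	 * is for MT race condition (ie. netaddr being modified
	 * while it is being used.)
	 */
	tmpaddr.buf = kmem_zalloc(netaddrp->maxlen, KM_SLEEP);
	bcopy(netaddrp->buf, tmpaddr.buf, netaddrp->maxlen);
	tmpaddr.maxlen = netaddrp->maxlen;
	tmpaddr.len = netaddrp->len;

	mutex_exit(&gssrpcb_lock);

	/* The handle is created with kernel credentials (kcred). */
	error = clnt_tli_kcreate(&gssg->gss_config, &tmpaddr, GSSPROG,
	    GSSVERS, 0, GSSD_RETRY, kcred, &clnt);

	/* The private copy is freed here on both the success and error paths. */
	kmem_free(tmpaddr.buf, tmpaddr.maxlen);

	if (error != 0) {
		GSSLOG(1,
		    "getgssd_handle: clnt_tli_kcreate: error %d\n", error);
		return (NULL);
	}

	return (clnt);
}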