xref: /illumos-gate/usr/src/uts/common/rpc/auth.h (revision c65ebfc7045424bd04a6c7719a27b0ad3399ad54)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Copyright 2017 Joyent Inc
24  * Use is subject to license terms.
25  */
26 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
27 /* All Rights Reserved */
28 /*
29  * Portions of this source code were derived from Berkeley
30  * 4.3 BSD under license from the Regents of the University of
31  * California.
32  */
33 
34 /*
35  * auth.h, Authentication interface.
36  *
37  * The data structures are completely opaque to the client. The client
38  * is required to pass a AUTH * to routines that create rpc
39  * "sessions".
40  */
41 
42 #ifndef	_RPC_AUTH_H
43 #define	_RPC_AUTH_H
44 
45 #include <rpc/xdr.h>
46 #include <rpc/clnt_stat.h>
47 #include <sys/cred.h>
48 #include <sys/tiuser.h>
49 #ifdef _KERNEL
50 #include <sys/zone.h>
51 #endif
52 
53 #ifdef	__cplusplus
54 extern "C" {
55 #endif
56 
57 #define	MAX_AUTH_BYTES	400	/* maximum length of an auth type, from RFC */
58 #define	MAXNETNAMELEN	255	/* maximum length of network user's name */
59 
60 /*
61  * NOTE: this value *must* be kept larger than the maximum size of all the
62  * structs that rq_clntcred is cast to in the different authentication types.
63  * If changes are made to any of these *_area structs, double-check they all
64  * still fit. If any new authentication mechanisms are added, add a note here.
65  *
66  * Currently these structs can be found in:
67  *  - __svcauth_sys (svc_auth_sys.c)
68  *  - __svcauth_des (svcauth_des.c)
69  *  - __svcauth_loopback (svc_auth_loopb.c)
70  */
71 #define	RQCRED_SIZE	700	/* size allocated for rq_clntcred */
72 
73 /*
74  *  Client side authentication/security data
75  */
76 typedef struct sec_data {
77 	uint_t	secmod;		/* security mode number e.g. in nfssec.conf */
78 	uint_t	rpcflavor;	/* rpc flavors:AUTH_UNIX,AUTH_DES,RPCSEC_GSS */
79 	int	flags;		/* AUTH_F_xxx flags */
80 	uid_t	uid;		/* uid of caller for all sec flavors (NFSv4)  */
81 	caddr_t	data;		/* opaque data per flavor */
82 } sec_data_t;
83 
84 #ifdef _SYSCALL32_IMPL
85 struct sec_data32 {
86 	uint32_t	secmod;	/* security mode number e.g. in nfssec.conf */
87 	uint32_t	rpcflavor; /* AUTH_UNIX,AUTH_DES,RPCSEC_GSS */
88 	int32_t		flags;	/* AUTH_F_xxx flags */
89 	uid_t		uid;	/* uid of caller for all sec flavors (NFSv4) */
90 	caddr32_t	data;	/* opaque data per flavor */
91 };
92 #endif /* _SYSCALL32_IMPL */
93 
94 /*
95  * AUTH_DES flavor specific data from sec_data opaque data field.
96  * AUTH_KERB has the same structure.
97  */
98 typedef struct des_clnt_data {
99 	struct netbuf	syncaddr;	/* time sync addr */
100 	struct knetconfig *knconf;	/* knetconfig info that associated */
101 					/* with the syncaddr. */
102 	char		*netname;	/* server's netname */
103 	int		netnamelen;	/* server's netname len */
104 } dh_k4_clntdata_t;
105 
106 #ifdef _SYSCALL32_IMPL
107 struct des_clnt_data32 {
108 	struct netbuf32 syncaddr;	/* time sync addr */
109 	caddr32_t knconf;		/* knetconfig info that associated */
110 					/* with the syncaddr. */
111 	caddr32_t netname;		/* server's netname */
112 	int32_t	netnamelen;		/* server's netname len */
113 };
114 #endif /* _SYSCALL32_IMPL */
115 
116 /*
117  * flavor specific data to hold the data for AUTH_DES/AUTH_KERB(v4)
118  * in sec_data->data opaque field.
119  */
120 typedef struct krb4_svc_data {
121 	int		window;		/* window option value */
122 } krb4_svcdata_t;
123 
124 typedef struct krb4_svc_data	des_svcdata_t;
125 
126 /*
127  * authentication/security specific flags
128  */
129 #define	AUTH_F_RPCTIMESYNC	0x001	/* use RPC to do time sync */
130 #define	AUTH_F_TRYNONE		0x002	/* allow fall back to AUTH_NONE */
131 
132 
133 /*
134  * Status returned from authentication check
135  */
136 enum auth_stat {
137 	AUTH_OK = 0,
138 	/*
139 	 * failed at remote end
140 	 */
141 	AUTH_BADCRED = 1,		/* bogus credentials (seal broken) */
142 	AUTH_REJECTEDCRED = 2,		/* client should begin new session */
143 	AUTH_BADVERF = 3,		/* bogus verifier (seal broken) */
144 	AUTH_REJECTEDVERF = 4,		/* verifier expired or was replayed */
145 	AUTH_TOOWEAK = 5,		/* rejected due to security reasons */
146 	/*
147 	 * failed locally
148 	 */
149 	AUTH_INVALIDRESP = 6,		/* bogus response verifier */
150 	AUTH_FAILED = 7,			/* some unknown reason */
151 	/*
152 	 * kerberos errors
153 	 */
154 	AUTH_KERB_GENERIC = 8,		/* kerberos generic error */
155 	AUTH_TIMEEXPIRE = 9,		/* time of credential expired */
156 	AUTH_TKT_FILE = 10,		/* something wrong with ticket file */
157 	AUTH_DECODE = 11,		/* can't decode authenticator */
158 	AUTH_NET_ADDR = 12,		/* wrong net address in ticket */
159 	/*
160 	 * GSS related errors
161 	 */
162 	RPCSEC_GSS_NOCRED = 13,		/* no credentials for user */
163 	RPCSEC_GSS_FAILED = 14		/* GSS failure, credentials deleted */
164 };
165 typedef enum auth_stat AUTH_STAT;
166 
167 union des_block {
168 	struct	{
169 		uint32_t high;
170 		uint32_t low;
171 	} key;
172 	char c[8];
173 };
174 typedef union des_block des_block;
175 
176 #ifdef __STDC__
177 extern bool_t xdr_des_block(XDR *, des_block *);
178 #else
179 extern bool_t xdr_des_block();
180 #endif
181 
182 
183 /*
184  * Authentication info. Opaque to client.
185  */
186 struct opaque_auth {
187 	enum_t	oa_flavor;		/* flavor of auth */
188 	caddr_t	oa_base;		/* address of more auth stuff */
189 	uint_t	oa_length;		/* not to exceed MAX_AUTH_BYTES */
190 };
191 
192 
193 /*
194  * Auth handle, interface to client side authenticators.
195  */
196 typedef struct __auth {
197 	struct	opaque_auth	ah_cred;
198 	struct	opaque_auth	ah_verf;
199 	union	des_block	ah_key;
200 	struct auth_ops {
201 #ifdef __STDC__
202 		void	(*ah_nextverf)(struct __auth *);
203 #ifdef _KERNEL
204 		int	(*ah_marshal)(struct __auth *, XDR *, struct cred *);
205 #else
206 		int	(*ah_marshal)(struct __auth *, XDR *);
207 #endif
208 		/* nextverf & serialize */
209 		int	(*ah_validate)(struct __auth *,
210 		    struct opaque_auth *);
211 		/* validate varifier */
212 #ifdef _KERNEL
213 		int	(*ah_refresh)(struct __auth *, struct rpc_msg *,
214 		    cred_t *);
215 #else
216 		int	(*ah_refresh)(struct __auth *, void *);
217 		/* refresh credentials */
218 #endif
219 		void	(*ah_destroy)(struct __auth *);
220 		/* destroy this structure */
221 
222 #ifdef _KERNEL
223 		int	(*ah_wrap)(struct __auth *, caddr_t, uint_t,
224 		    XDR *, xdrproc_t, caddr_t);
225 		int	(*ah_unwrap)(struct __auth *, XDR *, xdrproc_t,
226 		    caddr_t);
227 #endif
228 #else
229 		void	(*ah_nextverf)();
230 		int	(*ah_marshal)();	/* nextverf & serialize */
231 		int	(*ah_validate)();	/* validate verifier */
232 		int	(*ah_refresh)();	/* refresh credentials */
233 		void	(*ah_destroy)();	/* destroy this structure */
234 #ifdef _KERNEL
235 		int	(*ah_wrap)();		/* encode XDR data */
236 		int	(*ah_unwrap)();		/* decode XDR data */
237 #endif
238 
239 #endif
240 	} *ah_ops;
241 	caddr_t ah_private;
242 } AUTH;
243 
244 
245 /*
246  * Authentication ops.
247  * The ops and the auth handle provide the interface to the authenticators.
248  *
249  * AUTH	*auth;
250  * XDR	*xdrs;
251  * struct opaque_auth verf;
252  */
253 #define	AUTH_NEXTVERF(auth)		\
254 		((*((auth)->ah_ops->ah_nextverf))(auth))
255 #define	auth_nextverf(auth)		\
256 		((*((auth)->ah_ops->ah_nextverf))(auth))
257 
258 
259 #ifdef _KERNEL
260 #define	AUTH_MARSHALL(auth, xdrs, cred)	\
261 		((*((auth)->ah_ops->ah_marshal))(auth, xdrs, cred))
262 #define	auth_marshall(auth, xdrs, cred)	\
263 		((*((auth)->ah_ops->ah_marshal))(auth, xdrs, cred))
264 #else
265 #define	AUTH_MARSHALL(auth, xdrs)	\
266 		((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
267 #define	auth_marshall(auth, xdrs)	\
268 		((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
269 #endif
270 
271 
272 #define	AUTH_VALIDATE(auth, verfp)	\
273 		((*((auth)->ah_ops->ah_validate))((auth), verfp))
274 #define	auth_validate(auth, verfp)	\
275 		((*((auth)->ah_ops->ah_validate))((auth), verfp))
276 
277 #ifdef _KERNEL
278 #define	AUTH_REFRESH(auth, msg, cr)		\
279 		((*((auth)->ah_ops->ah_refresh))(auth, msg, cr))
280 #define	auth_refresh(auth, msg, cr)		\
281 		((*((auth)->ah_ops->ah_refresh))(auth, msg, cr))
282 #else
283 #define	AUTH_REFRESH(auth, msg)		\
284 		((*((auth)->ah_ops->ah_refresh))(auth, msg))
285 #define	auth_refresh(auth, msg)		\
286 		((*((auth)->ah_ops->ah_refresh))(auth, msg))
287 #endif
288 
289 #define	AUTH_DESTROY(auth)		\
290 		((*((auth)->ah_ops->ah_destroy))(auth))
291 #define	auth_destroy(auth)		\
292 		((*((auth)->ah_ops->ah_destroy))(auth))
293 
294 /*
295  * Auth flavors can now apply a transformation in addition to simple XDR
296  * on the body of a call/response in ways that depend on the flavor being
297  * used.  These interfaces provide a generic interface between the
298  * internal RPC frame and the auth flavor specific code to allow the
299  * auth flavor to encode (WRAP) or decode (UNWRAP) the body.
300  */
301 #ifdef _KERNEL
302 #define	AUTH_WRAP(auth, buf, buflen, xdrs, xfunc, xwhere)	\
303 		((*((auth)->ah_ops->ah_wrap))(auth, buf, buflen, \
304 				xdrs, xfunc, xwhere))
305 #define	auth_wrap(auth, buf, buflen, xdrs, xfunc, xwhere)	\
306 		((*((auth)->ah_ops->ah_wrap))(auth, buf, buflen, \
307 				xdrs, xfunc, xwhere))
308 
309 #define	AUTH_UNWRAP(auth, xdrs, xfunc, xwhere)	\
310 		((*((auth)->ah_ops->ah_unwrap))(auth, xdrs, xfunc, xwhere))
311 #define	auth_unwrap(auth, xdrs)	\
312 		((*((auth)->ah_ops->ah_unwrap))(auth, xdrs, xfunc, xwhere))
313 #endif
314 
315 extern struct opaque_auth _null_auth;
316 
317 /*
318  * These are the various implementations of client side authenticators.
319  */
320 
321 /*
322  * System style authentication
323  * AUTH *authsys_create(machname, uid, gid, len, aup_gids)
324  *	const char *machname;
325  *	const uid_t uid;
326  *	const gid_t gid;
327  *	const int len;
328  *	const gid_t *aup_gids;
329  */
330 #ifdef _KERNEL
331 extern AUTH *authkern_create(void);		/* takes no parameters */
332 extern int authkern_init(void *, void *, int);
333 extern struct kmem_cache *authkern_cache;
334 extern AUTH *authnone_create(void);		/* takes no parameters */
335 extern int authnone_init(void *, void *, int);
336 extern struct kmem_cache *authnone_cache;
337 extern AUTH *authloopback_create(void);		/* takes no parameters */
338 extern int authloopback_init(void *, void *, int);
339 extern struct kmem_cache *authloopback_cache;
340 #else /* _KERNEL */
341 #ifdef __STDC__
342 extern AUTH *authsys_create(const char *, const uid_t, const gid_t, const int,
343     const gid_t *);
344 extern AUTH *authsys_create_default(void);	/* takes no parameters */
345 extern AUTH *authnone_create(void);		/* takes no parameters */
346 #else /* __STDC__ */
347 extern AUTH *authsys_create();
348 extern AUTH *authsys_create_default();	/* takes no parameters */
349 extern AUTH *authnone_create();	/* takes no parameters */
350 #endif /* __STDC__ */
351 /* Will get obsolete in near future */
352 #define	authunix_create		authsys_create
353 #define	authunix_create_default authsys_create_default
354 #endif /* _KERNEL */
355 
356 /*
357  * DES style authentication
358  * AUTH *authdes_seccreate(servername, window, timehost, ckey)
359  *	const char *servername;		- network name of server
360  *	const uint_t window;			- time to live
361  *	const char *timehost;			- optional hostname to sync with
362  *	const des_block *ckey;		- optional conversation key to use
363  */
364 /* Will get obsolete in near future */
365 #ifdef _KERNEL
366 extern int authdes_create(char *, uint_t, struct netbuf *, struct knetconfig *,
367     des_block *, int, AUTH **retauth);
368 #else /* _KERNEL */
369 #ifdef __STDC__
370 extern AUTH *authdes_seccreate(const char *, const uint_t, const  char *,
371     const des_block *);
372 #else
373 extern AUTH *authdes_seccreate();
374 #endif /* __STDC__ */
375 #endif /* _KERNEL */
376 
377 /*
378  *  Netname manipulating functions
379  */
380 
381 #ifdef	_KERNEL
382 extern enum clnt_stat netname2user(char *, uid_t *, gid_t *, int *, gid_t *);
383 #endif
384 #ifdef __STDC__
385 extern int getnetname(char *);
386 extern int host2netname(char *, const char *, const char *);
387 extern int user2netname(char *, const uid_t, const char *);
388 #ifndef	_KERNEL
389 extern int netname2user(const char *, uid_t *, gid_t *, int *, gid_t *);
390 #endif
391 extern int netname2host(const char *, char *, const int);
392 #else
393 extern int getnetname();
394 extern int host2netname();
395 extern int user2netname();
396 extern int netname2host();
397 #endif
398 
399 /*
400  * These routines interface to the keyserv daemon
401  */
402 
403 #ifdef _KERNEL
404 extern enum clnt_stat key_decryptsession();
405 extern enum clnt_stat key_encryptsession();
406 extern enum clnt_stat key_gendes();
407 extern enum clnt_stat key_getnetname();
408 #endif
409 
410 #ifndef _KERNEL
411 #ifdef	__STDC__
412 extern int key_decryptsession(const char *, des_block *);
413 extern int key_encryptsession(const char *, des_block *);
414 extern int key_gendes(des_block *);
415 extern int key_setsecret(const char *);
416 extern int key_secretkey_is_set(void);
417 /*
418  * The following routines are private.
419  */
420 extern int key_setnet_ruid();
421 extern int key_setnet_g_ruid();
422 extern int key_removesecret_g_ruid();
423 extern int key_secretkey_is_set_g_ruid();
424 extern AUTH *authsys_create_ruid();
425 #else
426 extern int key_decryptsession();
427 extern int key_encryptsession();
428 extern int key_gendes();
429 extern int key_setsecret();
430 extern int key_secretkey_is_set();
431 #endif
432 #endif
433 
434 
435 /*
436  * Kerberos style authentication
437  * AUTH *authkerb_seccreate(service, srv_inst, realm, window, timehost, status)
438  *	const char *service;			- service name
439  *	const char *srv_inst;			- server instance
440  *	const char *realm;			- server realm
441  *	const uint_t window;			- time to live
442  *	const char *timehost;			- optional hostname to sync with
443  *	int *status;			- kerberos status returned
444  */
445 #ifdef _KERNEL
446 extern int    authkerb_create(char *, char *, char *, uint_t,
447     struct netbuf *, int *, struct knetconfig *, int, AUTH **);
448 #else
449 #ifdef __STDC__
450 extern AUTH *authkerb_seccreate(const char *, const char *, const  char *,
451     const uint_t, const char *, int *);
452 #else
453 extern AUTH *authkerb_seccreate();
454 #endif
455 #endif /* _KERNEL */
456 
457 /*
458  * Map a kerberos credential into a unix cred.
459  *
460  *  authkerb_getucred(rqst, uid, gid, grouplen, groups)
461  *	const struct svc_req *rqst;		- request pointer
462  *	uid_t *uid;
463  *	gid_t *gid;
464  *	short *grouplen;
465  *	int   *groups;
466  *
467  */
468 #ifdef __STDC__
469 struct svc_req;
470 extern int authkerb_getucred(struct svc_req *, uid_t *, gid_t *,
471     short *, int *);
472 #else
473 extern int authkerb_getucred();
474 #endif
475 
476 #ifdef _KERNEL
477 /*
478  * XDR an opaque authentication struct.  See auth.h.
479  */
480 extern bool_t xdr_opaque_auth(XDR *, struct opaque_auth *);
481 #endif
482 
483 #ifdef _KERNEL
484 extern int authany_wrap(AUTH *, caddr_t, uint_t, XDR *, xdrproc_t, caddr_t);
485 extern int authany_unwrap(AUTH *, XDR *, xdrproc_t, caddr_t);
486 #endif
487 
488 #define	AUTH_NONE	0		/* no authentication */
489 #define	AUTH_NULL	0		/* backward compatibility */
490 #define	AUTH_SYS	1		/* unix style (uid, gids) */
491 #define	AUTH_UNIX	AUTH_SYS
492 #define	AUTH_SHORT	2		/* short hand unix style */
493 #define	AUTH_DH		3		/* for Diffie-Hellman mechanism */
494 #define	AUTH_DES	AUTH_DH		/* for backward compatibility */
495 #define	AUTH_KERB	4		/* kerberos style */
496 #define	RPCSEC_GSS	6		/* GSS-API style */
497 
498 #define	AUTH_LOOPBACK	21982		/* unix style w/ expanded groups */
499 					/* for use over the local transport */
500 
501 #ifdef _KERNEL
502 extern char	loopback_name[];
503 
504 extern zone_key_t	auth_zone_key;
505 extern void *		auth_zone_init(zoneid_t);
506 extern void		auth_zone_fini(zoneid_t, void *);
507 #endif
508 
509 #ifdef	__cplusplus
510 }
511 #endif
512 
513 #endif	/* !_RPC_AUTH_H */
514