1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2014 Nexenta Systems, Inc. All rights reserved. 24 * Copyright 2017 Joyent Inc 25 */ 26 27 /* 28 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 29 * Use is subject to license terms. 30 */ 31 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */ 32 /* All Rights Reserved */ 33 /* 34 * Portions of this source code were derived from Berkeley 35 * 4.3 BSD under license from the Regents of the University of 36 * California. 37 */ 38 39 /* 40 * auth_sys.h, Protocol for UNIX style authentication parameters for RPC 41 */ 42 43 #ifndef _RPC_AUTH_SYS_H 44 #define _RPC_AUTH_SYS_H 45 46 /* 47 * The system is very weak. The client uses no encryption for it 48 * credentials and only sends null verifiers. The server sends backs 49 * null verifiers or optionally a verifier that suggests a new short hand 50 * for the credentials. 51 */ 52 53 #include <sys/types.h> 54 #include <sys/param.h> 55 #include <rpc/types.h> 56 #include <rpc/xdr.h> 57 #include <rpc/auth.h> 58 59 #ifdef __cplusplus 60 extern "C" { 61 #endif 62 63 /* The machine name is part of a credential; it may not exceed 255 bytes */ 64 #define MAX_MACHINE_NAME 255 65 66 /* gids compose part of a credential; there may not be more than 16 of them */ 67 #define NGRPS 16 68 69 /* 70 * "sys" (Old UNIX) style credentials. 71 */ 72 struct authsys_parms { 73 uint_t aup_time; 74 char *aup_machname; 75 uid_t aup_uid; 76 gid_t aup_gid; 77 uint_t aup_len; 78 gid_t *aup_gids; 79 }; 80 /* For backward compatibility */ 81 #define authunix_parms authsys_parms 82 83 /* 84 * Ideally, we would like this to be NGROUPS_UMAX, but the RFC mandates that 85 * auth sections must not exceed 400 bytes. For AUTH_LOOPBACK, that means the 86 * largest number of groups we can have without breaking RFC compat is 92 87 * groups. 88 * 89 * NOTE: changing this value changes the size of authlpbk_area in 90 * svc_auth_loopb.c, which means RQCRED_SIZE *must* be updated! 91 */ 92 #define NGRPS_LOOPBACK 92 93 94 #ifdef __STDC__ 95 extern bool_t xdr_authsys_parms(XDR *, struct authsys_parms *); 96 extern bool_t xdr_authloopback_parms(XDR *, struct authsys_parms *); 97 #else 98 extern bool_t xdr_authsys_parms(); 99 extern bool_t xdr_authloopback_parms(); 100 #endif 101 102 103 /* For backward compatibility */ 104 #define xdr_authunix_parms(xdrs, p) xdr_authsys_parms(xdrs, p) 105 106 /* 107 * If a response verifier has flavor AUTH_SHORT, then the body of 108 * the response verifier encapsulates the following structure; 109 * again it is serialized in the obvious fashion. 110 */ 111 struct short_hand_verf { 112 struct opaque_auth new_cred; 113 }; 114 115 struct svc_req; 116 117 extern bool_t xdr_gid_t(XDR *, gid_t *); 118 extern bool_t xdr_uid_t(XDR *, uid_t *); 119 120 #ifdef _KERNEL 121 extern bool_t xdr_authkern(XDR *); 122 extern bool_t xdr_authloopback(XDR *); 123 extern enum auth_stat _svcauth_unix(struct svc_req *, struct rpc_msg *); 124 extern enum auth_stat _svcauth_short(struct svc_req *, struct rpc_msg *); 125 #endif 126 127 #ifdef __cplusplus 128 } 129 #endif 130 131 #endif /* !_RPC_AUTH_SYS_H */ 132