author | alfred <alfred@FreeBSD.org> | 2001-03-22 04:31:30 +0000 |
---|---|---|
committer | alfred <alfred@FreeBSD.org> | 2001-03-22 04:31:30 +0000 |
commit | 281af9370ca4060089860089233faf33682090ff (patch) | |
tree | 06c8eb9ac0e2912253da3c85456a24984746c85d /usr.sbin | |
parent | 2067928f4eb6211420175a84f11a6c8c20eeead0 (diff) | |
Hopefully fix some of the bugs in passing credentials over UNIX domain sockets.
Make struct cmessage visible from socket.h (about 4 places were
defining it for themselves which wasn't good)
Make __rpc_get_local_uid() useable and give it a prototype that's
visible.
Fix some issues with printing out usernames from rpcbind and keyserv.
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/keyserv/Makefile | 2 | ||||
-rw-r--r-- | usr.sbin/keyserv/keyserv.c | 2 | ||||
-rw-r--r-- | usr.sbin/keyserv/keyserv.h | 5 | ||||
-rw-r--r-- | usr.sbin/keyserv/keyserv_uid.c | 76 | ||||
-rw-r--r-- | usr.sbin/rpcbind/pmap_svc.c | 9 | ||||
-rw-r--r-- | usr.sbin/rpcbind/rpcb_svc_com.c | 13 |
6 files changed, 15 insertions, 92 deletions
diff --git a/usr.sbin/keyserv/Makefile b/usr.sbin/keyserv/Makefile
index ea8d9f4..169a9d5 100644
--- a/usr.sbin/keyserv/Makefile
+++ b/usr.sbin/keyserv/Makefile
@@ -1,7 +1,7 @@
 # $FreeBSD$
 PROG= keyserv
-SRCS= keyserv.c setkey.c keyserv_uid.c crypt_svc.c crypt_server.c crypt.h
+SRCS= keyserv.c setkey.c crypt_svc.c crypt_server.c crypt.h
 CFLAGS+= -DKEYSERV_RANDOM -DBROKEN_DES -I.
 .if $(OBJFORMAT) == elf
diff --git a/usr.sbin/keyserv/keyserv.c b/usr.sbin/keyserv/keyserv.c
index 9a156d5..6486c0f 100644
--- a/usr.sbin/keyserv/keyserv.c
+++ b/usr.sbin/keyserv/keyserv.c
@@ -741,7 +741,7 @@ root_auth(trans, rqstp)
 return (0);
 }
- if (__rpc_get_local_uid(&uid, trans) < 0) {
+ if (__rpc_get_local_uid(trans, &uid) < 0) {
 if (debugging)
 fprintf(stderr, "__rpc_get_local_uid failed\n");
 return (0);
diff --git a/usr.sbin/keyserv/keyserv.h b/usr.sbin/keyserv/keyserv.h
index 6e2402d..0cc6a36 100644
--- a/usr.sbin/keyserv/keyserv.h
+++ b/usr.sbin/keyserv/keyserv.h
@@ -1,4 +1,6 @@
-
+/*
+ * $FreeBSD$
+ */
 extern void setmodulus __P((char *modx));
 extern keystatus pk_setkey __P(( uid_t, keybuf ));;
@@ -9,7 +11,6 @@ extern keystatus pk_netget __P(( uid_t, key_netstarg * ));
 extern keystatus pk_get_conv_key __P(( uid_t, keybuf, cryptkeyres * ));
 extern void pk_nodefaultkeys __P(( void ));
-extern int __rpc_get_local_uid __P(( uid_t * , SVCXPRT * ));
 extern void crypt_prog_1 __P(( struct svc_req *, register SVCXPRT * ));
 extern void load_des __P(( int, char * ));
diff --git a/usr.sbin/keyserv/keyserv_uid.c b/usr.sbin/keyserv/keyserv_uid.c
deleted file mode 100644
index 8a46fd1..0000000
--- a/usr.sbin/keyserv/keyserv_uid.c
+++ /dev/null
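Review bot: With the declaration removed from keyserv.h, nothing visible in this diff shows which header now brings the `__rpc_get_local_uid(SVCXPRT *, uid_t *)` prototype into scope for keyserv.c, and the corrected call in root_auth depends on it. The file uses K&R definitions (`root_auth(trans, rqstp)`), so if no prototype is visible the call is implicitly declared and an argument-order mismatch like the one fixed here compiles without a diagnostic, leaving the uid that root_auth goes on to use unreliable. Confirm that the header carrying the new prototype is included in keyserv.c, and consider building this directory with `-Wimplicit-function-declaration -Wstrict-prototypes` so a future signature change is caught at compile time. root_auth's body starts and ends outside the hunk.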
@@ -1,76 +0,0 @@
-/*
- * Copyright (c) 1996
- * Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Bill Paul.
- * 4. Neither the name of the author nor the names of any co-contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <signal.h>
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <rpc/key_prot.h>
-#include <rpc/des.h>
-#include <sys/socket.h>
-#include <sys/param.h>
-
-#include "keyserv.h"
-
-#ifndef lint
-static const char rcsid[] =
- "$FreeBSD$";
-#endif
-
-/*
- * XXX should be declared somewhere
- */
-struct cmessage {
- struct cmsghdr cmsg;
- struct cmsgcred cmcred;
-};
-
-int
-__rpc_get_local_uid(uid, transp)
- uid_t *uid;
- SVCXPRT *transp;
-{
- struct cmessage *cm;
-
- if (transp->xp_verf.oa_length < sizeof(struct cmessage) ||
- transp->xp_verf.oa_base == NULL ||
- transp->xp_verf.oa_flavor != AUTH_UNIX)
- return(-1);
-
- cm = (struct cmessage *)transp->xp_verf.oa_base;
- if (cm->cmsg.cmsg_type != SCM_CREDS)
- return(-1);
-
- *uid = cm->cmcred.cmcred_euid;
- return(0);
-}
diff --git a/usr.sbin/rpcbind/pmap_svc.c b/usr.sbin/rpcbind/pmap_svc.c
index b2cedd9..26467d1 100644
--- a/usr.sbin/rpcbind/pmap_svc.c
+++ b/usr.sbin/rpcbind/pmap_svc.c
@@ -173,7 +173,7 @@ pmapproc_change(struct svc_req *rqstp, SVCXPRT *xprt, unsigned long op)
 RPCB rpcbreg;
 long ans;
 struct sockaddr_in *who;
- struct cmsgcred *cmcred;
+ uid_t uid;
 char uidbuf[32];
 #ifdef RPCBIND_DEBUG
@@ -194,19 +194,18 @@ pmapproc_change(struct svc_req *rqstp, SVCXPRT *xprt, unsigned long op)
 }
 who = svc_getcaller(xprt);
- cmcred = __svc_getcallercreds(xprt);
 /*
 * Can't use getpwnam here. We might end up calling ourselves
 * and looping.
 */
- if (cmcred == NULL)
+ if (__rpc_get_local_uid(xprt, &uid) < 0)
 rpcbreg.r_owner = "unknown";
- else if (cmcred->cmcred_uid == 0)
+ else if (uid == 0)
 rpcbreg.r_owner = "superuser";
 else {
 /* r_owner will be strdup-ed later */
- snprintf(uidbuf, sizeof uidbuf, "%d", cmcred->cmcred_uid);
+ snprintf(uidbuf, sizeof uidbuf, "%d", uid);
 rpcbreg.r_owner = uidbuf;
 }
diff --git a/usr.sbin/rpcbind/rpcb_svc_com.c b/usr.sbin/rpcbind/rpcb_svc_com.c
index e0c7487..55264c0 100644
--- a/usr.sbin/rpcbind/rpcb_svc_com.c
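Review bot: In the second pmap_svc.c hunk, `snprintf(uidbuf, sizeof uidbuf, "%d", uid)` now passes a `uid_t` to `%d`; uid_t is an unsigned type on FreeBSD, so the conversion specifier does not match and a uid above INT_MAX would be rendered as a negative number in `r_owner`. Because that string is the owner recorded for the registration, it should be formatted unambiguously, for example `snprintf(uidbuf, sizeof uidbuf, "%lu", (unsigned long)uid);`. The same line is introduced in getowner() in rpcb_svc_com.c and needs the same change. pmapproc_change's body continues outside the hunk.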
+++ b/usr.sbin/rpcbind/rpcb_svc_com.c
@@ -1348,15 +1348,14 @@ find_service(rpcprog_t prog, rpcvers_t vers, char *netid)
 static char *
 getowner(SVCXPRT *transp, char *owner, size_t ownersize)
 {
- struct cmsgcred *cmcred;
-
- cmcred = __svc_getcallercreds(transp);
- if (cmcred == NULL)
- strlcpy(owner, "unknown", ownersize);
- else if (cmcred->cmcred_uid == 0)
+ uid_t uid;
+
+ if (__rpc_get_local_uid(transp, &uid) < 0)
+ strlcpy(owner, "unknown", ownersize);
+ else if (uid == 0)
 strlcpy(owner, "superuser", ownersize);
 else
- snprintf(owner, ownersize, "%d", cmcred->cmcred_uid);
+ snprintf(owner, ownersize, "%d", uid);
 return owner;
 }
|
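Review bot: getowner() used to report `cmcred->cmcred_uid`, the caller's real uid, whereas the keyserv copy of `__rpc_get_local_uid()` deleted in this commit returned `cmcred_euid`; the library implementation is not part of this diff, but if it kept that behaviour the owner string now follows the effective uid. For a caller running a set-uid binary the two differ, so a registration could be recorded as "superuser" rather than under the invoking user's uid; pmapproc_change() in pmap_svc.c makes the same switch. Please confirm which uid is intended and state it in a comment above getowner(), e.g. `/* Owner is the uid reported by __rpc_get_local_uid(); "unknown" when that lookup fails, "superuser" for uid 0. */`.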