Commit b9239fb2 authored by Chuck Lever's avatar Chuck Lever Committed by Linus Torvalds

[PATCH] stricter type checking for rpc auth flavors

This implements stricter type checking for rpc auth flavors.  it is a
prerequisite for RPC GSSAPI and its authentication pseudoflavors.
please apply it.
parent 1e04f496
......@@ -245,7 +245,7 @@ int nfs_fill_super(struct super_block *sb, struct nfs_mount_data *data, int sile
struct rpc_xprt *xprt = NULL;
struct rpc_clnt *clnt = NULL;
struct inode *root_inode = NULL;
unsigned int authflavor;
rpc_authflavor_t authflavor;
struct rpc_timeout timeparms;
struct nfs_fsinfo fsinfo;
int tcp, version, maxlen;
......
......@@ -42,8 +42,8 @@ struct nlm_host {
struct rpc_clnt * h_rpcclnt; /* RPC client to talk to peer */
char h_name[20]; /* remote hostname */
u32 h_version; /* interface version */
rpc_authflavor_t h_authflavor; /* RPC authentication type */
unsigned short h_proto; /* transport proto */
unsigned short h_authflavor; /* RPC authentication type */
unsigned short h_reclaiming : 1,
h_server : 1, /* server side, not client side */
h_inuse : 1,
......
/*
* linux/include/linux/auth.h
* linux/include/linux/sunrpc/auth.h
*
* Declarations for the RPC authentication machinery.
* Declarations for the RPC client authentication machinery.
*
* Copyright (C) 1996, Olaf Kirch <okir@monad.swb.de>
*/
......@@ -67,7 +67,7 @@ struct rpc_auth {
* Client authentication ops
*/
struct rpc_authops {
unsigned int au_flavor; /* flavor (RPC_AUTH_*) */
rpc_authflavor_t au_flavor; /* flavor (RPC_AUTH_*) */
#ifdef RPC_DEBUG
char * au_name;
#endif
......@@ -94,7 +94,7 @@ extern struct rpc_authops authdes_ops;
int rpcauth_register(struct rpc_authops *);
int rpcauth_unregister(struct rpc_authops *);
struct rpc_auth * rpcauth_create(unsigned int, struct rpc_clnt *);
struct rpc_auth * rpcauth_create(rpc_authflavor_t, struct rpc_clnt *);
void rpcauth_destroy(struct rpc_auth *);
struct rpc_cred * rpcauth_lookupcred(struct rpc_auth *, int);
struct rpc_cred * rpcauth_bindcred(struct rpc_task *);
......
......@@ -111,7 +111,7 @@ struct rpc_procinfo {
struct rpc_clnt *rpc_create_client(struct rpc_xprt *xprt, char *servname,
struct rpc_program *info,
u32 version, int authflavor);
u32 version, rpc_authflavor_t authflavor);
int rpc_shutdown_client(struct rpc_clnt *);
int rpc_destroy_client(struct rpc_clnt *);
void rpc_release_client(struct rpc_clnt *);
......
......@@ -11,12 +11,16 @@
#define RPC_VERSION 2
enum rpc_auth_flavor {
/* spec defines authentication flavor as an unsigned 32 bit integer */
typedef u32 rpc_authflavor_t;
enum rpc_auth_flavors {
RPC_AUTH_NULL = 0,
RPC_AUTH_UNIX = 1,
RPC_AUTH_SHORT = 2,
RPC_AUTH_DES = 3,
RPC_AUTH_KRB = 4,
RPC_AUTH_MAXFLAVOR = 8,
};
enum rpc_msg_type {
......
......@@ -14,7 +14,7 @@
#include <linux/sunrpc/msg_prot.h>
struct svc_cred {
u32 cr_flavor;
rpc_authflavor_t cr_flavor;
uid_t cr_uid;
gid_t cr_gid;
gid_t cr_groups[NGROUPS];
......@@ -23,8 +23,9 @@ struct svc_cred {
struct svc_rqst; /* forward decl */
void svc_authenticate(struct svc_rqst *rqstp, u32 *statp, u32 *authp);
int svc_auth_register(u32 flavor, void (*)(struct svc_rqst *,u32 *,u32 *));
void svc_auth_unregister(u32 flavor);
int svc_auth_register(rpc_authflavor_t flavor,
void (*)(struct svc_rqst *,u32 *,u32 *));
void svc_auth_unregister(rpc_authflavor_t flavor);
#if 0
/*
......@@ -39,7 +40,7 @@ struct authunix_parms {
u32 aup_gids[NGRPS];
};
struct svc_authops * auth_getops(u32 flavor);
struct svc_authops * auth_getops(rpc_authflavor_t flavor);
#endif
......
/*
* linux/fs/nfs/rpcauth.c
* linux/net/sunrpc/auth.c
*
* Generic RPC authentication API.
* Generic RPC client authentication API.
*
* Copyright (C) 1996, Olaf Kirch <okir@monad.swb.de>
*/
......@@ -18,9 +18,7 @@
# define RPCDBG_FACILITY RPCDBG_AUTH
#endif
#define RPC_MAXFLAVOR 8
static struct rpc_authops * auth_flavors[RPC_MAXFLAVOR] = {
static struct rpc_authops * auth_flavors[RPC_AUTH_MAXFLAVOR] = {
&authnull_ops, /* AUTH_NULL */
&authunix_ops, /* AUTH_UNIX */
NULL, /* others can be loadable modules */
......@@ -29,9 +27,9 @@ static struct rpc_authops * auth_flavors[RPC_MAXFLAVOR] = {
int
rpcauth_register(struct rpc_authops *ops)
{
unsigned int flavor;
rpc_authflavor_t flavor;
if ((flavor = ops->au_flavor) >= RPC_MAXFLAVOR)
if ((flavor = ops->au_flavor) >= RPC_AUTH_MAXFLAVOR)
return -EINVAL;
if (auth_flavors[flavor] != NULL)
return -EPERM; /* what else? */
......@@ -42,9 +40,9 @@ rpcauth_register(struct rpc_authops *ops)
int
rpcauth_unregister(struct rpc_authops *ops)
{
unsigned int flavor;
rpc_authflavor_t flavor;
if ((flavor = ops->au_flavor) >= RPC_MAXFLAVOR)
if ((flavor = ops->au_flavor) >= RPC_AUTH_MAXFLAVOR)
return -EINVAL;
if (auth_flavors[flavor] != ops)
return -EPERM; /* what else? */
......@@ -53,11 +51,11 @@ rpcauth_unregister(struct rpc_authops *ops)
}
struct rpc_auth *
rpcauth_create(unsigned int flavor, struct rpc_clnt *clnt)
rpcauth_create(rpc_authflavor_t flavor, struct rpc_clnt *clnt)
{
struct rpc_authops *ops;
if (flavor >= RPC_MAXFLAVOR || !(ops = auth_flavors[flavor]))
if (flavor >= RPC_AUTH_MAXFLAVOR || !(ops = auth_flavors[flavor]))
return NULL;
clnt->cl_auth = ops->create(clnt);
return clnt->cl_auth;
......
/*
* linux/net/sunrpc/rpcauth_null.c
* linux/net/sunrpc/auth_null.c
*
* AUTH_NULL authentication. Really :-)
*
......@@ -106,14 +106,18 @@ nul_refresh(struct rpc_task *task)
static u32 *
nul_validate(struct rpc_task *task, u32 *p)
{
u32 n = ntohl(*p++);
rpc_authflavor_t flavor;
u32 size;
if (n != RPC_AUTH_NULL) {
printk("RPC: bad verf flavor: %ld\n", (unsigned long) n);
flavor = ntohl(*p++);
if (flavor != RPC_AUTH_NULL) {
printk("RPC: bad verf flavor: %u\n", flavor);
return NULL;
}
if ((n = ntohl(*p++)) != 0) {
printk("RPC: bad verf size: %ld\n", (unsigned long) n);
size = ntohl(*p++);
if (size != 0) {
printk("RPC: bad verf size: %u\n", size);
return NULL;
}
......
/*
* linux/net/sunrpc/rpcauth_unix.c
* linux/net/sunrpc/auth_unix.c
*
* UNIX-style authentication; no AUTH_SHORT support
*
......@@ -216,18 +216,24 @@ unx_refresh(struct rpc_task *task)
static u32 *
unx_validate(struct rpc_task *task, u32 *p)
{
u32 n = ntohl(*p++);
if (n != RPC_AUTH_NULL && n != RPC_AUTH_UNIX && n != RPC_AUTH_SHORT) {
printk("RPC: bad verf flavor: %ld\n", (unsigned long) n);
rpc_authflavor_t flavor;
u32 size;
flavor = ntohl(*p++);
if (flavor != RPC_AUTH_NULL &&
flavor != RPC_AUTH_UNIX &&
flavor != RPC_AUTH_SHORT) {
printk("RPC: bad verf flavor: %u\n", flavor);
return NULL;
}
if ((n = ntohl(*p++)) > 400) {
printk("RPC: giant verf size: %ld\n", (unsigned long) n);
size = ntohl(*p++);
if (size > 400) {
printk("RPC: giant verf size: %u\n", size);
return NULL;
}
task->tk_auth->au_rslack = (n >> 2) + 2;
p += (n >> 2);
task->tk_auth->au_rslack = (size >> 2) + 2;
p += (size >> 2);
return p;
}
......
......@@ -71,7 +71,8 @@ static u32 * call_verify(struct rpc_task *task);
*/
struct rpc_clnt *
rpc_create_client(struct rpc_xprt *xprt, char *servname,
struct rpc_program *program, u32 vers, int flavor)
struct rpc_program *program, u32 vers,
rpc_authflavor_t flavor)
{
struct rpc_version *version;
struct rpc_clnt *clnt = NULL;
......@@ -122,7 +123,7 @@ rpc_create_client(struct rpc_xprt *xprt, char *servname,
printk(KERN_INFO "RPC: out of memory in rpc_create_client\n");
goto out;
out_no_auth:
printk(KERN_INFO "RPC: Couldn't create auth handle (flavor %d)\n",
printk(KERN_INFO "RPC: Couldn't create auth handle (flavor %u)\n",
flavor);
rpc_free(clnt);
clnt = NULL;
......
......@@ -30,15 +30,10 @@ typedef void (*auth_fn_t)(struct svc_rqst *rqstp, u32 *statp, u32 *authp);
static void svcauth_null(struct svc_rqst *rqstp, u32 *statp, u32 *authp);
static void svcauth_unix(struct svc_rqst *rqstp, u32 *statp, u32 *authp);
/*
* Max number of authentication flavors we support
*/
#define RPC_SVCAUTH_MAX 8
/*
* Table of authenticators
*/
static auth_fn_t authtab[RPC_SVCAUTH_MAX] = {
static auth_fn_t authtab[RPC_AUTH_MAXFLAVOR] = {
svcauth_null,
svcauth_unix,
NULL,
......@@ -47,7 +42,7 @@ static auth_fn_t authtab[RPC_SVCAUTH_MAX] = {
void
svc_authenticate(struct svc_rqst *rqstp, u32 *statp, u32 *authp)
{
u32 flavor;
rpc_authflavor_t flavor;
auth_fn_t func;
*statp = rpc_success;
......@@ -57,7 +52,7 @@ svc_authenticate(struct svc_rqst *rqstp, u32 *statp, u32 *authp)
flavor = ntohl(flavor);
dprintk("svc: svc_authenticate (%d)\n", flavor);
if (flavor >= RPC_SVCAUTH_MAX || !(func = authtab[flavor])) {
if (flavor >= RPC_AUTH_MAXFLAVOR || !(func = authtab[flavor])) {
*authp = rpc_autherr_badcred;
return;
}
......@@ -67,18 +62,18 @@ svc_authenticate(struct svc_rqst *rqstp, u32 *statp, u32 *authp)
}
int
svc_auth_register(u32 flavor, auth_fn_t func)
svc_auth_register(rpc_authflavor_t flavor, auth_fn_t func)
{
if (flavor >= RPC_SVCAUTH_MAX || authtab[flavor])
if (flavor >= RPC_AUTH_MAXFLAVOR || authtab[flavor])
return -EINVAL;
authtab[flavor] = func;
return 0;
}
void
svc_auth_unregister(u32 flavor)
svc_auth_unregister(rpc_authflavor_t flavor)
{
if (flavor < RPC_SVCAUTH_MAX)
if (flavor < RPC_AUTH_MAXFLAVOR)
authtab[flavor] = NULL;
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment