Commit b58b7c71 authored by Neil Brown's avatar Neil Brown Committed by Linus Torvalds

[PATCH] Some tidyup of svc_authenticate

We encode that status in the return value.

Also, don't pass 'proc' parameter to ->accept, as it is
implicit in rqstp.
parent ce64a188
...@@ -83,7 +83,7 @@ struct auth_domain { ...@@ -83,7 +83,7 @@ struct auth_domain {
struct auth_ops { struct auth_ops {
char * name; char * name;
int flavour; int flavour;
int (*accept)(struct svc_rqst *rq, u32 *authp, int proc); int (*accept)(struct svc_rqst *rq, u32 *authp);
int (*release)(struct svc_rqst *rq); int (*release)(struct svc_rqst *rq);
void (*domain_release)(struct auth_domain *); void (*domain_release)(struct auth_domain *);
}; };
...@@ -99,7 +99,7 @@ extern struct auth_ops *authtab[RPC_AUTH_MAXFLAVOR]; ...@@ -99,7 +99,7 @@ extern struct auth_ops *authtab[RPC_AUTH_MAXFLAVOR];
#define SVC_PENDING 8 #define SVC_PENDING 8
extern int svc_authenticate(struct svc_rqst *rqstp, u32 *statp, u32 *authp, int proc); extern int svc_authenticate(struct svc_rqst *rqstp, u32 *authp);
extern int svc_authorise(struct svc_rqst *rqstp); extern int svc_authorise(struct svc_rqst *rqstp);
extern int svc_auth_register(rpc_authflavor_t flavor, struct auth_ops *aops); extern int svc_auth_register(rpc_authflavor_t flavor, struct auth_ops *aops);
extern void svc_auth_unregister(rpc_authflavor_t flavor); extern void svc_auth_unregister(rpc_authflavor_t flavor);
......
...@@ -304,16 +304,21 @@ svc_process(struct svc_serv *serv, struct svc_rqst *rqstp) ...@@ -304,16 +304,21 @@ svc_process(struct svc_serv *serv, struct svc_rqst *rqstp)
* We do this before anything else in order to get a decent * We do this before anything else in order to get a decent
* auth verifier. * auth verifier.
*/ */
if (svc_authenticate(rqstp, &rpc_stat, &auth_stat, proc)) switch (svc_authenticate(rqstp, &auth_stat)) {
/* drop the request, it has probably been deferred */ case SVC_OK:
goto dropit; break;
case SVC_GARBAGE:
if (rpc_stat != rpc_success) rpc_stat = rpc_garbage_args;
goto err_garbage; goto err_bad;
case SVC_SYSERR:
if (auth_stat != rpc_auth_ok) rpc_stat = rpc_system_err;
goto err_bad;
case SVC_DENIED:
goto err_bad_auth; goto err_bad_auth;
case SVC_DROP:
goto dropit;
}
progp = serv->sv_program; progp = serv->sv_program;
if (prog != progp->pg_prog) if (prog != progp->pg_prog)
goto err_bad_prog; goto err_bad_prog;
...@@ -458,7 +463,9 @@ svc_process(struct svc_serv *serv, struct svc_rqst *rqstp) ...@@ -458,7 +463,9 @@ svc_process(struct svc_serv *serv, struct svc_rqst *rqstp)
#ifdef RPC_PARANOIA #ifdef RPC_PARANOIA
printk("svc: failed to decode args\n"); printk("svc: failed to decode args\n");
#endif #endif
rpc_stat = rpc_garbage_args;
err_bad:
serv->sv_stats->rpcbadfmt++; serv->sv_stats->rpcbadfmt++;
svc_putu32(resv, rpc_garbage_args); svc_putu32(resv, rpc_stat);
goto sendit; goto sendit;
} }
...@@ -33,12 +33,11 @@ static struct auth_ops *authtab[RPC_AUTH_MAXFLAVOR] = { ...@@ -33,12 +33,11 @@ static struct auth_ops *authtab[RPC_AUTH_MAXFLAVOR] = {
}; };
int int
svc_authenticate(struct svc_rqst *rqstp, u32 *statp, u32 *authp, int proc) svc_authenticate(struct svc_rqst *rqstp, u32 *authp)
{ {
rpc_authflavor_t flavor; rpc_authflavor_t flavor;
struct auth_ops *aops; struct auth_ops *aops;
*statp = rpc_success;
*authp = rpc_auth_ok; *authp = rpc_auth_ok;
flavor = ntohl(svc_getu32(&rqstp->rq_arg.head[0])); flavor = ntohl(svc_getu32(&rqstp->rq_arg.head[0]));
...@@ -46,25 +45,11 @@ svc_authenticate(struct svc_rqst *rqstp, u32 *statp, u32 *authp, int proc) ...@@ -46,25 +45,11 @@ svc_authenticate(struct svc_rqst *rqstp, u32 *statp, u32 *authp, int proc)
dprintk("svc: svc_authenticate (%d)\n", flavor); dprintk("svc: svc_authenticate (%d)\n", flavor);
if (flavor >= RPC_AUTH_MAXFLAVOR || !(aops = authtab[flavor])) { if (flavor >= RPC_AUTH_MAXFLAVOR || !(aops = authtab[flavor])) {
*authp = rpc_autherr_badcred; *authp = rpc_autherr_badcred;
return 0; return SVC_DENIED;
} }
rqstp->rq_authop = aops; rqstp->rq_authop = aops;
switch (aops->accept(rqstp, authp, proc)) { return aops->accept(rqstp, authp);
case SVC_OK:
return 0;
case SVC_GARBAGE:
*statp = rpc_garbage_args;
return 0;
case SVC_SYSERR:
*statp = rpc_system_err;
return 0;
case SVC_DENIED:
return 0;
case SVC_DROP:
break;
}
return 1; /* drop the request */
} }
/* A reqeust, which was authenticated, has now executed. /* A reqeust, which was authenticated, has now executed.
......
...@@ -321,7 +321,7 @@ void svcauth_unix_purge(void) ...@@ -321,7 +321,7 @@ void svcauth_unix_purge(void)
static int static int
svcauth_null_accept(struct svc_rqst *rqstp, u32 *authp, int proc) svcauth_null_accept(struct svc_rqst *rqstp, u32 *authp)
{ {
struct iovec *argv = &rqstp->rq_arg.head[0]; struct iovec *argv = &rqstp->rq_arg.head[0];
struct iovec *resv = &rqstp->rq_res.head[0]; struct iovec *resv = &rqstp->rq_res.head[0];
...@@ -376,7 +376,7 @@ svcauth_null_accept(struct svc_rqst *rqstp, u32 *authp, int proc) ...@@ -376,7 +376,7 @@ svcauth_null_accept(struct svc_rqst *rqstp, u32 *authp, int proc)
} }
else rv = SVC_DROP; else rv = SVC_DROP;
if (rqstp->rq_client == NULL && proc != 0) if (rqstp->rq_client == NULL && rqstp->rq_proc != 0)
*authp = rpc_autherr_badcred; *authp = rpc_autherr_badcred;
return rv; return rv;
...@@ -402,7 +402,7 @@ struct auth_ops svcauth_null = { ...@@ -402,7 +402,7 @@ struct auth_ops svcauth_null = {
int int
svcauth_unix_accept(struct svc_rqst *rqstp, u32 *authp, int proc) svcauth_unix_accept(struct svc_rqst *rqstp, u32 *authp)
{ {
struct iovec *argv = &rqstp->rq_arg.head[0]; struct iovec *argv = &rqstp->rq_arg.head[0];
struct iovec *resv = &rqstp->rq_res.head[0]; struct iovec *resv = &rqstp->rq_res.head[0];
...@@ -470,7 +470,7 @@ svcauth_unix_accept(struct svc_rqst *rqstp, u32 *authp, int proc) ...@@ -470,7 +470,7 @@ svcauth_unix_accept(struct svc_rqst *rqstp, u32 *authp, int proc)
} }
else rv = SVC_DROP; else rv = SVC_DROP;
if (rqstp->rq_client == NULL && proc != 0) if (rqstp->rq_client == NULL && rqstp->rq_proc != 0)
goto badcred; goto badcred;
return rv; return rv;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment