1 /* $XConsortium: rpcauth.c,v 1.9 94/04/17 20:27:06 gildea Exp $ */
2 /* $XFree86: xc/programs/Xserver/os/rpcauth.c,v 3.0 1995/07/07 15:46:07 dawes Exp $ */
5 Copyright (c) 1991 X Consortium
7 Permission is hereby granted, free of charge, to any person obtaining
8 a copy of this software and associated documentation files (the
9 "Software"), to deal in the Software without restriction, including
10 without limitation the rights to use, copy, modify, merge, publish,
11 distribute, sublicense, and/or sell copies of the Software, and to
12 permit persons to whom the Software is furnished to do so, subject to
13 the following conditions:
15 The above copyright notice and this permission notice shall be included
16 in all copies or substantial portions of the Software.
18 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
19 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
20 MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
21 IN NO EVENT SHALL THE X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR
22 OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
23 ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
24 OTHER DEALINGS IN THE SOFTWARE.
26 Except as contained in this notice, the name of the X Consortium shall
27 not be used in advertising or otherwise to promote the sale, use or
28 other dealings in this Software without prior written authorization
29 from the X Consortium.
34 * SUN-DES-1 authentication mechanism
35 * Author: Mayank Choudhary, Sun Microsystems
46 #include "dixstruct.h"
52 #include <rpc/auth_des.h>
55 static enum auth_stat why;
58 authdes_ezdecode(inmsg, len)
63 char cred_area[MAX_AUTH_BYTES];
64 char verf_area[MAX_AUTH_BYTES];
71 temp_inmsg = (char *) xalloc(len);
72 memmove(temp_inmsg, inmsg, len);
74 memset((char *)&msg, 0, sizeof(msg));
75 memset((char *)&r, 0, sizeof(r));
76 memset(cred_area, 0, sizeof(cred_area));
77 memset(verf_area, 0, sizeof(verf_area));
79 msg.rm_call.cb_cred.oa_base = cred_area;
80 msg.rm_call.cb_verf.oa_base = verf_area;
82 xdrmem_create(&xdr, temp_inmsg, len, XDR_DECODE);
84 if ((r.rq_clntcred = (caddr_t) xalloc(MAX_AUTH_BYTES)) == NULL)
89 res0 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_cred));
90 res1 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_verf));
91 if ( ! (res0 && res1) )
94 /* do the authentication */
96 r.rq_cred = msg.rm_call.cb_cred; /* read by opaque stuff */
97 if (r.rq_cred.oa_flavor != AUTH_DES) {
102 if ((why = __authenticate(&r, &msg)) != AUTH_OK) {
104 if ((why = _authenticate(&r, &msg)) != AUTH_OK) {
108 return (((struct authdes_cred *) r.rq_clntcred)->adc_fullname.name);
111 xfree(r.rq_clntcred);
113 return ((char *)0); /* ((struct authdes_cred *) NULL); */
116 static XID rpc_id = (XID) ~0L;
119 CheckNetName (addr, len, closure)
124 return (len == strlen ((char *) closure) &&
125 strncmp ((char *) addr, (char *) closure, len) == 0);
128 static char rpc_error[MAXNETNAMELEN+50];
131 SecureRPCCheck (data_length, data, client, reason)
132 register unsigned short data_length;
139 if (rpc_id == (XID) ~0L) {
140 *reason = "Secure RPC authorization not initialized";
142 fullname = authdes_ezdecode(data, data_length);
143 if (fullname == (char *)0) {
144 sprintf(rpc_error, "Unable to authenticate secure RPC client (why=%d)", why);
147 if (ForEachHostInFamily (FamilyNetname, CheckNetName,
151 sprintf(rpc_error, "Principal \"%s\" is not authorized to connect",
164 AddAuthorization (9, "SUN-DES-1", 0, (char *) 0);
168 SecureRPCAdd (data_length, data, id)
169 unsigned short data_length;
174 AddHost ((pointer) 0, FamilyNetname, data_length, data);
185 SecureRPCToID (data_length, data)
186 unsigned short data_length;
192 SecureRPCFromID (id, data_lenp, datap)
194 unsigned short *data_lenp;
200 SecureRPCRemove (data_length, data)
201 unsigned short data_length;
206 #endif /* SECURE_RPC */