Attachment #391634 for bug #532514

View | Details | Raw Unified | Return to bug 532514 | Differences between

and this patch

Lines 35-41 Link Here

(-)./utils/gssd/svcgssd.h (-1 / +1 lines)
35	#include <sys/queue.h>	35	#include <sys/queue.h>
36	#include <gssapi/gssapi.h>	36	#include <gssapi/gssapi.h>
37		37
38	void handle_nullreq(FILE *f);	38	void handle_nullreq(int *f);
39	void gssd_run(void);	39	void gssd_run(void);
40		40
41	#define GSSD_SERVICE_NAME "nfs"	41	#define GSSD_SERVICE_NAME "nfs"




#include "context.h"
#include "nfsrpc.h"
#include "nfslib.h"
#include "misc.h"

/*
 * pollarray:

handle_gssd_upcall(struct clnt_info *clp)
{
	uid_t			uid;
	char			lbuf[RPC_CHAN_BUF_SIZE];
	int			lbuflen = 0;
	char			*p;
	char			*mech = NULL;


	printerr(1, "handling gssd upcall (%s)\n", clp->dirname);

	lbuflen = read(clp->gssd_fd, lbuf, sizeof(lbuf));
	if (lbuflen <= 0 || lbuf[lbuflen-1] != '\n') {
		printerr(0, "WARNING: handle_gssd_upcall: "
			    "failed reading request\n");
		return;
	}
	lbuf[lbuflen-1] = 0;

	printerr(2, "%s: '%s'\n", __func__, lbuf);

	/* find the mechanism name */

	}

out:
	free(lbuf);
	free(mech);
	free(enctypes);
	free(target);




	int	cr_ngroups;
	gid_t	cr_groups[NGROUPS];
};
static char vbuf[RPC_CHAN_BUF_SIZE];

static int
do_svc_downcall(gss_buffer_desc *out_handle, struct svc_cred *cred,
		gss_OID mech, gss_buffer_desc *context_token,
		int32_t endtime, char *client_name)
{
	char buf[RPC_CHAN_BUF_SIZE], *bp;
	int i, f, err, blen;
	char *fname = NULL;
	int err;

	printerr(1, "doing downcall\n");
	if ((fname = mech2file(mech)) == NULL)
		goto out_err;
	f = open(SVCGSSD_CONTEXT_CHANNEL, O_WRONLY);
	if (f < 0) {
		printerr(0, "WARNING: unable to open downcall channel "
			     "%s: %s\n",
			     SVCGSSD_CONTEXT_CHANNEL, strerror(errno));
		goto out_err;
	}
	bp = buf, blen = sizeof(buf);
	qword_addhex(&bp, &blen, out_handle->value, out_handle->length);
	/* XXX are types OK for the rest of this? */
	/* For context cache, use the actual context endtime */
	qword_addint(&bp, &blen, endtime);
	qword_addint(&bp, &blen, cred->cr_uid);
	qword_addint(&bp, &blen, cred->cr_gid);
	qword_addint(&bp, &blen, cred->cr_ngroups);
	printerr(2, "mech: %s, hndl len: %d, ctx len %d, timeout: %d (%d from now), "
		 "clnt: %s, uid: %d, gid: %d, num aux grps: %d:\n",
		 fname, out_handle->length, context_token->length,

		 client_name ? client_name : "<null>",
		 cred->cr_uid, cred->cr_gid, cred->cr_ngroups);
	for (i=0; i < cred->cr_ngroups; i++) {
		qword_addint(&bp, &blen, cred->cr_groups[i]);
		printerr(2, "  (%4d) %d\n", i+1, cred->cr_groups[i]);
	}
	qword_add(&bp, &blen, fname);
	qword_addhex(&bp, &blen, context_token->value, context_token->length);
	if (client_name)
		qword_add(&bp, &blen, client_name);
	qword_addeol(&bp, &blen);
	err = 0;
	if (blen <= 0 || write(f, buf, bp - buf) != bp - buf) {
		printerr(1, "WARNING: error writing to downcall channel "
			 "%s: %s\n", SVCGSSD_CONTEXT_CHANNEL, strerror(errno));
		err = -1;
	}
	close(f);
	return err;
out_err:
	printerr(1, "WARNING: downcall failed\n");

}

void
handle_nullreq(int *f) {
	/* XXX initialize to a random integer to reduce chances of unnecessary
	 * invalidation of existing ctx's on restarting svcgssd. */
	static u_int32_t	handle_seq = 0;

	u_int32_t		maj_stat = GSS_S_FAILURE, min_stat = 0;
	u_int32_t		ignore_min_stat;
	struct svc_cred		cred;
	char                    lbuf[RPC_CHAN_BUF_SIZE];
	int                     lbuflen = 0;
	char                    *cp;
	int32_t			ctx_endtime;
	char			*hostbased_name = NULL;

	printerr(1, "handling null request\n");

	lbuflen = read(f, lbuf, sizeof(lbuf));
	if (lbuflen <= 0 || lbuf[lbuflen-1] != '\n') {
		printerr(0, "WARNING: handle_nullreq: "
			    "failed reading request\n");
		return;
	}
	lbuf[lbuflen-1] = 0;
	cp = lbuf;

	in_handle.length = (size_t) qword_get(&cp, in_handle.value,




gssd_run()
{
	int			ret;
	int			f;
	struct pollfd		pollfd;

#define NULLRPC_FILE "/proc/net/rpc/auth.rpcsec.init/channel"

	f = open(NULLRPC_FILE, O_RDWR);

	if (f < 0) {
		printerr(0, "failed to open %s: %s\n",
			 NULLRPC_FILE, strerror(errno));
		exit(1);
	}
	pollfd.fd = f;
	pollfd.events = POLLIN;
	while (1) {
		int save_err;

Return to bug 532514

Lines 77-82 Link Here

(-)./utils/gssd/gssd_proc.c (-3 / +6 lines)
77	#include "context.h"	77	#include "context.h"
78	#include "nfsrpc.h"	78	#include "nfsrpc.h"
79	#include "nfslib.h"	79	#include "nfslib.h"
		80	#include "misc.h"
80		81
81	/*	82	/*
82	* pollarray:	83	* pollarray:
Lines 1225-1231 void Link Here
1225	handle_gssd_upcall(struct clnt_info *clp)	1226	handle_gssd_upcall(struct clnt_info *clp)
1226	{	1227	{
1227	uid_t uid;	1228	uid_t uid;
1228	char *lbuf = NULL;	1229	char lbuf[RPC_CHAN_BUF_SIZE];
1229	int lbuflen = 0;	1230	int lbuflen = 0;
1230	char *p;	1231	char *p;
1231	char *mech = NULL;	1232	char *mech = NULL;
Lines 1235-1245 handle_gssd_upcall(struct clnt_info *clp Link Here
1235		1236
1236	printerr(1, "handling gssd upcall (%s)\n", clp->dirname);	1237	printerr(1, "handling gssd upcall (%s)\n", clp->dirname);
1237		1238
1238	if (readline(clp->gssd_fd, &lbuf, &lbuflen) != 1) {	1239	lbuflen = read(clp->gssd_fd, lbuf, sizeof(lbuf));
		1240	if (lbuflen <= 0 \|\| lbuf[lbuflen-1] != '\n') {
1239	printerr(0, "WARNING: handle_gssd_upcall: "	1241	printerr(0, "WARNING: handle_gssd_upcall: "
1240	"failed reading request\n");	1242	"failed reading request\n");
1241	return;	1243	return;
1242	}	1244	}
		1245	lbuf[lbuflen-1] = 0;
		1246
1243	printerr(2, "%s: '%s'\n", __func__, lbuf);	1247	printerr(2, "%s: '%s'\n", __func__, lbuf);
1244		1248
1245	/* find the mechanism name */	1249	/* find the mechanism name */
Lines 1337-1343 handle_gssd_upcall(struct clnt_info *clp Link Here
1337	}	1341	}
1338		1342
1339	out:	1343	out:
1340	free(lbuf);
1341	free(mech);	1344	free(mech);
1342	free(enctypes);	1345	free(enctypes);
1343	free(target);	1346	free(target);

Lines 72-107 struct svc_cred { Link Here

(-)./utils/gssd/svcgssd_proc.c (-25 / +26 lines)
72	int cr_ngroups;	72	int cr_ngroups;
73	gid_t cr_groups[NGROUPS];	73	gid_t cr_groups[NGROUPS];
74	};	74	};
75	static char vbuf[RPC_CHAN_BUF_SIZE];
76		75
77	static int	76	static int
78	do_svc_downcall(gss_buffer_desc out_handle, struct svc_cred cred,	77	do_svc_downcall(gss_buffer_desc out_handle, struct svc_cred cred,
79	gss_OID mech, gss_buffer_desc *context_token,	78	gss_OID mech, gss_buffer_desc *context_token,
80	int32_t endtime, char *client_name)	79	int32_t endtime, char *client_name)
81	{	80	{
82	FILE *f;	81	char buf[RPC_CHAN_BUF_SIZE], *bp;
83	int i;	82	int i, f, err, blen;
84	char *fname = NULL;	83	char *fname = NULL;
85	int err;
86		84
87	printerr(1, "doing downcall\n");	85	printerr(1, "doing downcall\n");
88	if ((fname = mech2file(mech)) == NULL)	86	if ((fname = mech2file(mech)) == NULL)
89	goto out_err;	87	goto out_err;
90	f = fopen(SVCGSSD_CONTEXT_CHANNEL, "w");	88	f = open(SVCGSSD_CONTEXT_CHANNEL, O_WRONLY);
91	if (f == NULL) {	89	if (f < 0) {
92	printerr(0, "WARNING: unable to open downcall channel "	90	printerr(0, "WARNING: unable to open downcall channel "
93	"%s: %s\n",	91	"%s: %s\n",
94	SVCGSSD_CONTEXT_CHANNEL, strerror(errno));	92	SVCGSSD_CONTEXT_CHANNEL, strerror(errno));
95	goto out_err;	93	goto out_err;
96	}	94	}
97	setvbuf(f, vbuf, _IOLBF, RPC_CHAN_BUF_SIZE);	95	bp = buf, blen = sizeof(buf);
98	qword_printhex(f, out_handle->value, out_handle->length);	96	qword_addhex(&bp, &blen, out_handle->value, out_handle->length);
99	/* XXX are types OK for the rest of this? */	97	/* XXX are types OK for the rest of this? */
100	/* For context cache, use the actual context endtime */	98	/* For context cache, use the actual context endtime */
101	qword_printint(f, endtime);	99	qword_addint(&bp, &blen, endtime);
102	qword_printint(f, cred->cr_uid);	100	qword_addint(&bp, &blen, cred->cr_uid);
103	qword_printint(f, cred->cr_gid);	101	qword_addint(&bp, &blen, cred->cr_gid);
104	qword_printint(f, cred->cr_ngroups);	102	qword_addint(&bp, &blen, cred->cr_ngroups);
105	printerr(2, "mech: %s, hndl len: %d, ctx len %d, timeout: %d (%d from now), "	103	printerr(2, "mech: %s, hndl len: %d, ctx len %d, timeout: %d (%d from now), "
106	"clnt: %s, uid: %d, gid: %d, num aux grps: %d:\n",	104	"clnt: %s, uid: %d, gid: %d, num aux grps: %d:\n",
107	fname, out_handle->length, context_token->length,	105	fname, out_handle->length, context_token->length,
Lines 109-127 do_svc_downcall(gss_buffer_desc *out_han Link Here
109	client_name ? client_name : "<null>",	107	client_name ? client_name : "<null>",
110	cred->cr_uid, cred->cr_gid, cred->cr_ngroups);	108	cred->cr_uid, cred->cr_gid, cred->cr_ngroups);
111	for (i=0; i < cred->cr_ngroups; i++) {	109	for (i=0; i < cred->cr_ngroups; i++) {
112	qword_printint(f, cred->cr_groups[i]);	110	qword_addint(&bp, &blen, cred->cr_groups[i]);
113	printerr(2, " (%4d) %d\n", i+1, cred->cr_groups[i]);	111	printerr(2, " (%4d) %d\n", i+1, cred->cr_groups[i]);
114	}	112	}
115	qword_print(f, fname);	113	qword_add(&bp, &blen, fname);
116	qword_printhex(f, context_token->value, context_token->length);	114	qword_addhex(&bp, &blen, context_token->value, context_token->length);
117	if (client_name)	115	if (client_name)
118	qword_print(f, client_name);	116	qword_add(&bp, &blen, client_name);
119	err = qword_eol(f);	117	qword_addeol(&bp, &blen);
120	if (err) {	118	err = 0;
		119	if (blen <= 0 \|\| write(f, buf, bp - buf) != bp - buf) {
121	printerr(1, "WARNING: error writing to downcall channel "	120	printerr(1, "WARNING: error writing to downcall channel "
122	"%s: %s\n", SVCGSSD_CONTEXT_CHANNEL, strerror(errno));	121	"%s: %s\n", SVCGSSD_CONTEXT_CHANNEL, strerror(errno));
		122	err = -1;
123	}	123	}
124	fclose(f);	124	close(f);
125	return err;	125	return err;
126	out_err:	126	out_err:
127	printerr(1, "WARNING: downcall failed\n");	127	printerr(1, "WARNING: downcall failed\n");
Lines 381-387 out_err: Link Here
381	}	381	}
382		382
383	void	383	void
384	handle_nullreq(FILE *f) {	384	handle_nullreq(int *f) {
385	/* XXX initialize to a random integer to reduce chances of unnecessary	385	/* XXX initialize to a random integer to reduce chances of unnecessary
386	* invalidation of existing ctx's on restarting svcgssd. */	386	* invalidation of existing ctx's on restarting svcgssd. */
387	static u_int32_t handle_seq = 0;	387	static u_int32_t handle_seq = 0;
Lines 403-422 handle_nullreq(FILE *f) { Link Here
403	u_int32_t maj_stat = GSS_S_FAILURE, min_stat = 0;	403	u_int32_t maj_stat = GSS_S_FAILURE, min_stat = 0;
404	u_int32_t ignore_min_stat;	404	u_int32_t ignore_min_stat;
405	struct svc_cred cred;	405	struct svc_cred cred;
406	static char *lbuf = NULL;	406	char lbuf[RPC_CHAN_BUF_SIZE];
407	static int lbuflen = 0;	407	int lbuflen = 0;
408	static char *cp;	408	char *cp;
409	int32_t ctx_endtime;	409	int32_t ctx_endtime;
410	char *hostbased_name = NULL;	410	char *hostbased_name = NULL;
411		411
412	printerr(1, "handling null request\n");	412	printerr(1, "handling null request\n");
413		413
414	if (readline(fileno(f), &lbuf, &lbuflen) != 1) {	414	lbuflen = read(f, lbuf, sizeof(lbuf));
		415	if (lbuflen <= 0 \|\| lbuf[lbuflen-1] != '\n') {
415	printerr(0, "WARNING: handle_nullreq: "	416	printerr(0, "WARNING: handle_nullreq: "
416	"failed reading request\n");	417	"failed reading request\n");
417	return;	418	return;
418	}	419	}
419		420	lbuf[lbuflen-1] = 0;
420	cp = lbuf;	421	cp = lbuf;
421		422
422	in_handle.length = (size_t) qword_get(&cp, in_handle.value,	423	in_handle.length = (size_t) qword_get(&cp, in_handle.value,

Lines 54-72 void Link Here

(-)./utils/gssd/svcgssd_main_loop.c (-4 / +4 lines)
54	gssd_run()	54	gssd_run()
55	{	55	{
56	int ret;	56	int ret;
57	FILE *f;	57	int f;
58	struct pollfd pollfd;	58	struct pollfd pollfd;
59		59
60	#define NULLRPC_FILE "/proc/net/rpc/auth.rpcsec.init/channel"	60	#define NULLRPC_FILE "/proc/net/rpc/auth.rpcsec.init/channel"
61		61
62	f = fopen(NULLRPC_FILE, "rw");	62	f = open(NULLRPC_FILE, O_RDWR);
63		63
64	if (!f) {	64	if (f < 0) {
65	printerr(0, "failed to open %s: %s\n",	65	printerr(0, "failed to open %s: %s\n",
66	NULLRPC_FILE, strerror(errno));	66	NULLRPC_FILE, strerror(errno));
67	exit(1);	67	exit(1);
68	}	68	}
69	pollfd.fd = fileno(f);	69	pollfd.fd = f;
70	pollfd.events = POLLIN;	70	pollfd.events = POLLIN;
71	while (1) {	71	while (1) {
72	int save_err;	72	int save_err;