diff options
Diffstat (limited to 'auth/auth.c')
-rw-r--r-- | auth/auth.c | 504 |
1 files changed, 504 insertions, 0 deletions
diff --git a/auth/auth.c b/auth/auth.c new file mode 100644 index 00000000..dd164934 --- /dev/null +++ b/auth/auth.c @@ -0,0 +1,504 @@ +/* Authentication server. + Copyright (C) 1996, 1997, 1998, 1999 Free Software Foundation, Inc. + Written by Roland McGrath. + + This file is part of the GNU Hurd. + + The GNU Hurd is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2, or (at + your option) any later version. + + The GNU Hurd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ + +#include <stdlib.h> +#include <string.h> +#include <mach.h> +#include <cthreads.h> +#include <hurd.h> +#include <hurd/startup.h> +#include <hurd/ports.h> +#include <hurd/ihash.h> +#include <idvec.h> +#include <assert.h> +#include <argp.h> +#include <error.h> +#include <version.h> +#include "auth_S.h" +#include "auth_reply_U.h" + +const char *argp_program_version = STANDARD_HURD_VERSION(auth); + + +/* Auth handles are server ports with sets of ids. */ +struct authhandle + { + struct port_info pi; + struct idvec euids, egids, auids, agids; + }; + +struct port_bucket *auth_bucket; +struct port_class *authhandle_portclass; + + +/* Create a new auth port. */ + +static error_t +create_authhandle (struct authhandle **new) +{ + error_t err = ports_create_port (authhandle_portclass, auth_bucket, + sizeof **new, new); + if (! err) + bzero (&(*new)->euids, (void *) &(*new)[1] - (void *) &(*new)->euids); + return err; +} + +/* Clean up a dead auth port. */ + +static void +destroy_authhandle (void *p) +{ + struct authhandle *h = p; + idvec_free_contents (&h->euids); + idvec_free_contents (&h->egids); + idvec_free_contents (&h->auids); + idvec_free_contents (&h->agids); +} + +/* Called by server stub functions. */ + +authhandle_t +auth_port_to_handle (auth_t auth) +{ + return ports_lookup_port (auth_bucket, auth, authhandle_portclass); +} + +/* id management. */ + +inline void idvec_copyout (struct idvec *idvec, uid_t **ids, uid_t *nids) +{ + if (idvec->num > *nids) + *ids = idvec->ids; + else + memcpy (*ids, idvec->ids, idvec->num * sizeof *ids); + *nids = idvec->num; +} + +#define C(auth, ids) idvec_copyout (&auth->ids, ids, n##ids) +#define OUTIDS(auth) (C (auth, euids), C (auth, egids), \ + C (auth, auids), C (auth, agids)) + +/* Implement auth_getids as described in <hurd/auth.defs>. */ +kern_return_t +S_auth_getids (struct authhandle *auth, + uid_t **euids, + u_int *neuids, + uid_t **auids, + u_int *nauids, + uid_t **egids, + u_int *negids, + uid_t **agids, + u_int *nagids) +{ + if (! auth) + return EOPNOTSUPP; + + OUTIDS (auth); + + return 0; +} + +/* Implement auth_makeauth as described in <hurd/auth.defs>. */ +kern_return_t +S_auth_makeauth (struct authhandle *auth, + mach_port_t *authpts, u_int nauths, + uid_t *euids, u_int neuids, + uid_t *auids, u_int nauids, + uid_t *egids, u_int negids, + uid_t *agids, u_int nagids, + mach_port_t *newhandle) +{ + struct authhandle *newauth, *auths[1 + nauths]; + int hasroot = 0; + error_t err; + u_int i, j; + + if (!auth) + return EOPNOTSUPP; + + auths[0] = auth; + + /* Fetch the auth structures for all the ports passed in. */ + for (i = 0; i < nauths; i++) + auths[i + 1] = auth_port_to_handle (authpts[i]); + + ++nauths; + + /* Verify that the union of the handles passed in either contains euid 0 + (root), or contains all the requested ids. */ + +#define isuid(uid, auth) \ + (idvec_contains (&(auth)->euids, uid) \ + || idvec_contains (&(auth)->auids, uid)) +#define groupmember(gid, auth) \ + (idvec_contains (&(auth)->egids, gid) \ + || idvec_contains (&(auth)->agids, gid)) +#define isroot(auth) isuid (0, auth) + + for (i = 0; i < nauths; i++) + if (auths[i] && isroot (auths[i])) + { + hasroot = 1; + break; + } + + if (!hasroot) + { + int has_it; + + for (i = 0; i < neuids; i++) + { + has_it = 0; + for (j = 0; j < nauths; j++) + if (auths[j] && isuid (euids[i], auths[j])) + { + has_it = 1; + break; + } + if (!has_it) + goto eperm; + } + + for (i = 0; i < nauids; i++) + { + has_it = 0; + for (j = 0; j < nauths; j++) + if (auths[j] && isuid (auids[i], auths[j])) + { + has_it = 1; + break; + } + if (!has_it) + goto eperm; + } + + for (i = 0; i < negids; i++) + { + has_it = 0; + for (j = 0; j < nauths; j++) + if (auths[j] && groupmember (egids[i], auths[j])) + { + has_it = 1; + break; + } + if (!has_it) + goto eperm; + } + + for (i = 0; i < nagids; i++) + { + has_it = 0; + for (j = 0; j < nauths; j++) + if (auths[j] && groupmember (agids[i], auths[j])) + { + has_it = 1; + break; + } + if (!has_it) + goto eperm; + } + } + + err = create_authhandle (&newauth); + + /* Create a new handle with the specified ids. */ + +#define MERGE S (euids); S (egids); S (auids); S (agids); +#define S(uids) if (!err) err = idvec_merge_ids (&newauth->uids, uids, n##uids) + + MERGE; + +#undef S + + if (! err) + { + for (j = 1; j < nauths; ++j) + mach_port_deallocate (mach_task_self (), authpts[j - 1]); + *newhandle = ports_get_right (newauth); + ports_port_deref (newauth); + } + + for (j = 1; j < nauths; j++) + if (auths[j]) + ports_port_deref (auths[j]); + return err; + + eperm: + for (j = 1; j < nauths; j++) + if (auths[j]) + ports_port_deref (auths[j]); + return EPERM; +} + +/* Transaction handling. */ + +/* Table of pending transactions keyed on RENDEZVOUS. */ +struct ihash *pending_users, *pending_servers; +struct mutex pending_lock = MUTEX_INITIALIZER; + +/* A pending transaction. */ +struct pending + { + void **locp; /* Position in one of the ihash tables. */ + struct condition wakeup; /* The waiter is blocked on this condition. */ + + /* The user's auth handle. */ + struct authhandle *user; + + /* The port to pass back to the user. */ + mach_port_t passthrough; + }; + +/* Implement auth_user_authenticate as described in <hurd/auth.defs>. */ +kern_return_t +S_auth_user_authenticate (struct authhandle *userauth, + mach_port_t rendezvous, + mach_port_t *newport, + mach_msg_type_name_t *newporttype) +{ + struct pending *s; + + if (! userauth) + return EOPNOTSUPP; + + if (rendezvous == MACH_PORT_DEAD) /* Port died in transit. */ + return EINVAL; + + mutex_lock (&pending_lock); + + /* Look for this port in the server list. */ + s = ihash_find (pending_servers, rendezvous); + if (s) + { + /* Found it! Extract the port. */ + *newport = s->passthrough; + *newporttype = MACH_MSG_TYPE_MOVE_SEND; + + /* Remove it from the pending list. */ + ihash_locp_remove (pending_servers, s->locp); + + /* Give the server the auth port and wake the RPC up. + We need to add a ref in case the port dies. */ + s->user = userauth; + ports_port_ref (userauth); + + condition_signal (&s->wakeup); + mutex_unlock (&pending_lock); + + mach_port_deallocate (mach_task_self (), rendezvous); + return 0; + } + else + { + /* No pending server RPC for this port. + Create a pending user RPC record. */ + struct pending u; + error_t err; + + err = ihash_add (pending_users, rendezvous, &u, &u.locp); + if (! err) + { + /* Store the user auth port and wait for the server RPC to wake + us up. */ + u.user = userauth; + condition_init (&u.wakeup); + ports_interrupt_self_on_port_death (userauth, rendezvous); + if (hurd_condition_wait (&u.wakeup, &pending_lock)) + /* We were interrupted; remove our record. */ + { + ihash_locp_remove (pending_users, u.locp); + err = EINTR; + } + } + /* The server side has already removed U from the ihash table. */ + mutex_unlock (&pending_lock); + + if (! err) + { + /* The server RPC has set the port and signalled U.wakeup. */ + *newport = u.passthrough; + *newporttype = MACH_MSG_TYPE_MOVE_SEND; + mach_port_deallocate (mach_task_self (), rendezvous); + } + return err; + } +} + +/* Implement auth_server_authenticate as described in <hurd/auth.defs>. */ +kern_return_t +S_auth_server_authenticate (struct authhandle *serverauth, + mach_port_t reply, + mach_msg_type_name_t reply_type, + mach_port_t rendezvous, + mach_port_t newport, + mach_msg_type_name_t newport_type, + uid_t **euids, + u_int *neuids, + uid_t **auids, + u_int *nauids, + uid_t **egids, + u_int *negids, + uid_t **agids, + u_int *nagids) +{ + struct pending *u; + struct authhandle *user; + + if (! serverauth) + return EOPNOTSUPP; + + if (rendezvous == MACH_PORT_DEAD) /* Port died in transit. */ + return EINVAL; + + mutex_lock (&pending_lock); + + /* Look for this port in the user list. */ + u = ihash_find (pending_users, rendezvous); + if (u) + { + /* Remove it from the pending list. */ + ihash_locp_remove (pending_users, u->locp); + + /* Found it! We must add a ref because the one held by the + user RPC might die as soon as we unlock pending_lock. */ + user = u->user; + ports_port_ref (user); + + /* Give the user the new port and wake the RPC up. */ + u->passthrough = newport; + + condition_signal (&u->wakeup); + mutex_unlock (&pending_lock); + } + else + { + /* No pending user RPC for this port. + Create a pending server RPC record. */ + struct pending s; + error_t err; + + err = ihash_add (pending_servers, rendezvous, &s, &s.locp); + if (! err) + { + /* Store the new port and wait for the user RPC to wake us up. */ + s.passthrough = newport; + condition_init (&s.wakeup); + ports_interrupt_self_on_port_death (serverauth, rendezvous); + if (hurd_condition_wait (&s.wakeup, &pending_lock)) + /* We were interrupted; remove our record. */ + { + ihash_locp_remove (pending_servers, s.locp); + err = EINTR; + } + } + /* The user side has already removed S from the ihash table. */ + mutex_unlock (&pending_lock); + + if (err) + return err; + + /* The user RPC has set the port (with a ref) and signalled S.wakeup. */ + user = s.user; + } + + /* Extract the ids. We must use a separate reply stub so + we can deref the user auth handle after the reply uses its + contents. */ + auth_server_authenticate_reply (reply, reply_type, 0, + user->euids.ids, user->euids.num, + user->auids.ids, user->auids.num, + user->egids.ids, user->egids.num, + user->agids.ids, user->agids.num); + ports_port_deref (user); + mach_port_deallocate (mach_task_self (), rendezvous); + return MIG_NO_REPLY; +} + + + +static int +auth_demuxer (mach_msg_header_t *inp, mach_msg_header_t *outp) +{ + extern int auth_server (mach_msg_header_t *inp, mach_msg_header_t *outp); + return (auth_server (inp, outp) || + ports_interrupt_server (inp, outp) || + ports_notify_server (inp, outp)); +} + + +int +main (int argc, char **argv) +{ + error_t err; + mach_port_t boot; + process_t proc; + mach_port_t hostpriv, masterdev; + struct authhandle *firstauth; + + argp_parse (0, argc, argv, 0, 0, 0); + + auth_bucket = ports_create_bucket (); + authhandle_portclass = ports_create_class (&destroy_authhandle, 0); + + /* Create the initial root auth handle. */ + err = create_authhandle (&firstauth); + assert_perror (err); + idvec_add (&firstauth->euids, 0); + idvec_add (&firstauth->auids, 0); + idvec_add (&firstauth->auids, 0); + idvec_merge (&firstauth->egids, &firstauth->euids); + idvec_merge (&firstauth->agids, &firstauth->auids); + + /* Fetch our bootstrap port and contact the bootstrap filesystem. */ + err = task_get_bootstrap_port (mach_task_self (), &boot); + assert_perror (err); + if (boot == MACH_PORT_NULL) + error (2, 0, "auth server can only be run by init during boot"); + err = startup_authinit (boot, ports_get_right (firstauth), + MACH_MSG_TYPE_MAKE_SEND, &proc); + if (err) + error (2, err, "cannot contact init for bootstrap"); + + /* Register ourselves with the proc server and then start signals. */ + proc_getprivports (proc, &hostpriv, &masterdev); + proc_register_version (proc, hostpriv, "auth", "", HURD_VERSION); + mach_port_deallocate (mach_task_self (), masterdev); + _hurd_port_set (&_hurd_ports[INIT_PORT_PROC], proc); + _hurd_proc_init (argv, NULL, 0); + + /* Init knows intimately that we will be ready for messages + as soon as this returns. */ + startup_essential_task (boot, mach_task_self (), MACH_PORT_NULL, "auth", + hostpriv); + mach_port_deallocate (mach_task_self (), boot); + mach_port_deallocate (mach_task_self (), hostpriv); + + /* Allocate the hash tables. */ + err = ihash_create (&pending_users); + assert_perror (err); + err = ihash_create (&pending_servers); + assert_perror (err); + + /* Be a server. */ + while (1) + ports_manage_port_operations_multithread (auth_bucket, + auth_demuxer, + 30 * 1000, 0, 0); +} |