2N/A * The contents of this file are subject to the terms of the 2N/A * Common Development and Distribution License (the "License"). 2N/A * You may not use this file except in compliance with the License. 2N/A * See the License for the specific language governing permissions 2N/A * and limitations under the License. 2N/A * When distributing Covered Code, include this CDDL HEADER in each 2N/A * If applicable, add the following below this CDDL HEADER, with the 2N/A * fields enclosed by brackets "[]" replaced with your own identifying 2N/A * information: Portions Copyright [yyyy] [name of copyright owner] 2N/A * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 2N/A * Use is subject to license terms. 2N/A/* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */ 2N/A/* All Rights Reserved */ 2N/A * Portions of this source code were derived from Berkeley 2N/A * 4.3 BSD under license from the Regents of the University of 2N/A * We insure for the service the following: 2N/A * (1) The timestamp microseconds do not exceed 1 million. 2N/A * (2) The timestamp plus the window is less than the current time. 2N/A * (3) The timestamp is not less than the one previously 2N/A * seen in the current session. 2N/A * It is up to the server to determine if the window size is 2N/A * LRU cache of conversation keys and some other useful items. 2N/A * A rwlock_t would seem to make more sense, but it turns out we always 2N/A * muck with the cache entries, so would always need a write lock (in 2N/A * which case, we might as well use a mutex). 2N/A /* find an entry in the cache */ 2N/A * Service side authenticator for AUTH_DES 2N/A /* LINTED pointer cast */ 2N/A * Get the credential 2N/A /* LINTED pointer cast */ 2N/A /* LINTED pointer cast */ 2N/A * Get the conversation key 2N/A * if the user has no public key, treat him as the 2N/A * unauthenticated identity - nobody. If this 2N/A * works, it means the client didn't find the 2N/A * user's keys and used nobody's secret key 2N/A "_svcauth_des: no public key for nobody or ",
2N/A * found a public key for nobody. change 2N/A * the fullname id to nobody, so the caller 2N/A * thinks the client specified nobody 2N/A * as the user identity. 2N/A "_svcauth_des: key_decryptsessionkey failed for",
2N/A }
else {
/* ADN_NICKNAME */ 2N/A /* actually check that the entry is not null */ 2N/A * Decrypt the timestamp 2N/A * XDR the decrypted timestamp 2N/A * Check for valid credentials and verifiers. 2N/A * They could be invalid because the key was flushed 2N/A * out of the cache, and so a new session should begin. 2N/A * Be sure and send AUTH_REJECTED{CRED, VERF} if this is the case. 2N/A "_svcauth_des: corrupted window from",
2N/A /* garbled credential or invalid secret key */ 2N/A "_svcauth_des: replayed credential from",
2N/A }
else {
/* ADN_NICKNAME */ 2N/A "_svcauth_des: invalid timestamp received from",
2N/A /* cached out (bad key), or garbled verifier */ 2N/A "_svcauth_des: timestamp is earlier than the one previously seen from",
2N/A "_svcauth_des: timestamp expired for",
2N/A /* replay, or garbled credential */ 2N/A * Set up the reply verifier 2N/A * xdr the timestamp before encrypting 2N/A * encrypt the timestamp 2N/A * Serialize the reply verifier, and update rqst 2N/A /* LINTED pointer cast */ 2N/A "_svcauth_des: Authenticator length error",
2N/A * We succeeded, commit the data to the cache now and 2N/A * finish cooking the credential. 2N/A /* mark any cached cred invalid */ 2N/A }
else {
/* ADN_NICKNAME */ 2N/A * nicknames are cooked into fullnames 2N/A * Initialize the cache 2N/A/* LOCK HELD ON ENTRY: authdes_lock */ 2N/A * Initialize the lru chain (linked-list) 2N/A * These elements of the chain need special attention... 2N/A * Find the lru victim 2N/A/* LOCK HELD ON ENTRY: authdes_lock */ 2N/A * Note that sid was referenced 2N/A/* LOCK HELD ON ENTRY: authdes_lock */ 2N/A * move referenced item from its place on the LRU chain 2N/A * to the tail of the chain while checking for special 2N/A * conditions (mainly for performance). 2N/A * Find a spot in the cache for a credential containing 2N/A * the items given. Return -1 if a replay is detected, otherwise 2N/A * return the spot in the cache. 2N/A/* LOCK HELD ON ENTRY: authdes_lock */ 2N/A return (-
1);
/* replay */ 2N/A * Local credential handling stuff. 2N/A * NOTE: bsd unix dependent. 2N/A * Other operating systems should put something else here. 2N/A#
define UNKNOWN -
2 /* grouplen, if cached cred is unknown user */ 2N/A#
define INVALID -
1 /* grouplen, if cache entry is invalid */ 2N/A /* LINTED pointer cast */ 2N/A * Map a des credential into a unix cred. 2N/A * We cache the credential here so the application does 2N/A * not have to make an rpc call every time to interpret 2N/A /* LINTED pointer cast */ 2N/A * not in cache: lookup 2N/A /* mark as lookup up, but not found */ 2N/A * Already lookup up, but no match found 2N/A * cached credentials