3 Copyright 1991, 1998 The Open Group
5 Permission to use, copy, modify, distribute, and sell this software and its
6 documentation for any purpose is hereby granted without fee, provided that
7 the above copyright notice appear in all copies and that both that
8 copyright notice and this permission notice appear in supporting
11 The above copyright notice and this permission notice shall be included
12 in all copies or substantial portions of the Software.
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16 MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
17 IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
18 OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
19 ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
20 OTHER DEALINGS IN THE SOFTWARE.
22 Except as contained in this notice, the name of The Open Group shall
23 not be used in advertising or otherwise to promote the sale, use or
24 other dealings in this Software without prior written authorization
30 * SUN-DES-1 authentication mechanism
31 * Author: Mayank Choudhary, Sun Microsystems
34 #ifdef HAVE_DIX_CONFIG_H
35 #include <dix-config.h>
41 #include <X11/Xauth.h>
45 #include "dixstruct.h"
50 /* <rpc/auth.h> only includes this if _KERNEL is #defined... */
/* Hand-written prototype for the XDR routine that authdes_ezdecode() calls
 * twice further down, once for the credential and once for the verifier. */
51 extern bool_t
xdr_opaque_auth(XDR
*, struct opaque_auth
*);
/* File-scope status of the most recent authentication attempt.
 * authdes_ezdecode() assigns it from the authenticator's return value and
 * SecureRPCCheck() prints it as "why=%d" in its failure message. */
54 static enum auth_stat why
;
/*
 * Decode a credential and a verifier from the len-byte message at inmsg via
 * XDR and pass them to the RPC authenticator.  The visible success path
 * returns the adc_fullname.name field of the decoded authdes_cred; the
 * visible failure return is a null char pointer.
 *
 * The listing's own line numbers skip (58-59, 62-67, 82-85, ...), so the
 * return type, several declarations, the error branches and any cleanup
 * code are not shown here.
 */
57 authdes_ezdecode(const char *inmsg
, int len
)
/* Fixed-size backing storage for the decoded credential and verifier. */
60 char cred_area
[MAX_AUTH_BYTES
];
61 char verf_area
[MAX_AUTH_BYTES
];
/* Work on a private copy of the caller's message.
 * NOTE(review): listing lines 68 and 69 are consecutive, so the malloc()
 * result reaches memmove() without a NULL check; a failed allocation would
 * be written through.  len is a signed int that converts to size_t in both
 * calls; the caller visible in this file passes an unsigned short.
 * NOTE(review): no free(temp_inmsg) appears in the lines shown - confirm
 * against the full file that this copy is released on every path. */
68 temp_inmsg
= malloc(len
);
69 memmove(temp_inmsg
, inmsg
, len
);
/* Start from zeroed message, request and buffer state. */
71 memset((char *) &msg
, 0, sizeof(msg
));
72 memset((char *) &r
, 0, sizeof(r
));
73 memset(cred_area
, 0, sizeof(cred_area
));
74 memset(verf_area
, 0, sizeof(verf_area
));
/* Point the opaque_auth bases at the stack buffers so decoding fills them. */
76 msg
.rm_call
.cb_cred
.oa_base
= cred_area
;
77 msg
.rm_call
.cb_verf
.oa_base
= verf_area
;
/* XDR decode stream over the copied message, bounded by len. */
79 xdrmem_create(&xdr
, temp_inmsg
, len
, XDR_DECODE
);
/* Heap buffer for the client credential; this allocation is NULL-checked
 * (the branch body is not shown). */
81 if ((r
.rq_clntcred
= malloc(MAX_AUTH_BYTES
)) == NULL
)
/* Decode credential, then verifier, in stream order.  The test of
 * res0/res1 is not among the lines shown. */
86 res0
= xdr_opaque_auth(&xdr
, &(msg
.rm_call
.cb_cred
));
87 res1
= xdr_opaque_auth(&xdr
, &(msg
.rm_call
.cb_verf
));
91 /* do the authentication */
93 r
.rq_cred
= msg
.rm_call
.cb_cred
; /* read by opaque stuff */
/* Credentials of any flavor other than AUTH_DES take this branch (its body
 * is not shown). */
94 if (r
.rq_cred
.oa_flavor
!= AUTH_DES
) {
/* Two spellings of the same authenticator call on listing lines 99 and
 * 101; the lines between them are missing, presumably a preprocessor
 * conditional that selects one.  Either way the result is stored in the
 * file-scope `why` before being compared with AUTH_OK. */
99 if ((why
= __authenticate(&r
, &msg
)) != AUTH_OK
) {
101 if ((why
= _authenticate(&r
, &msg
)) != AUTH_OK
) {
/* Success: hand back the name pointer read out of the credential buffer
 * allocated above.  No free of that buffer is visible on this path, so its
 * owner cannot be determined from this listing - TODO confirm. */
105 return (((struct authdes_cred
*) r
.rq_clntcred
)->adc_fullname
.name
);
/* Failure return: a null pointer.  How the error branches reach this line
 * is not shown. */
110 return ((char *) 0); /* ((struct authdes_cred *) NULL); */
/* Starts as the all-ones sentinel (XID) ~0L.  While it still holds that
 * value SecureRPCCheck() reports "Secure RPC authorization not
 * initialized". */
113 static XID rpc_id
= (XID
) ~0L;
/*
 * Callback handed to ForEachHostInFamily() by SecureRPCCheck(): nonzero
 * when the len-byte name at addr equals the NUL-terminated string passed
 * as closure.  The length test runs first, so strncmp() is only reached
 * when len equals strlen(closure).
 *
 * NOTE(review): len is a short compared against a size_t; a negative len
 * converts to a large unsigned value and fails the length test before any
 * bytes are read.  closure must be NUL-terminated - the caller in this
 * file passes the name returned by authdes_ezdecode(); confirm that string
 * is always terminated.
 */
116 CheckNetName(unsigned char *addr
, short len
, pointer closure
)
118 return (len
== strlen((char *) closure
) &&
119 strncmp((char *) addr
, (char *) closure
, len
) == 0);
/* Static buffer for the failure messages formatted by SecureRPCCheck().
 * Both writers use snprintf() with sizeof(rpc_error), so an over-long
 * principal name is truncated rather than written past the end.  The extra
 * 50 bytes presumably cover the fixed message text around a net name. */
122 static char rpc_error
[MAXNETNAMELEN
+ 50];
/*
 * Check client-supplied SUN-DES-1 authorization data.  Steps visible here:
 * refuse while rpc_id still holds its sentinel, decode the principal name
 * with authdes_ezdecode(), then search the FamilyNetname host entries for
 * that name with CheckNetName().  On failure a message is formatted into
 * the static rpc_error buffer.
 *
 * The return type, the return statements and the assignments of *reason
 * after each snprintf() are not among the lines shown.
 */
125 SecureRPCCheck(unsigned short data_length
, const char *data
,
126 ClientPtr client
, const char **reason
)
/* Sentinel still in place: the mechanism has not been set up. */
130 if (rpc_id
== (XID
) ~0L) {
131 *reason
= "Secure RPC authorization not initialized";
/* data/data_length come from the connecting client; a null result means
 * decoding or authentication failed and `why` holds the status. */
134 fullname
= authdes_ezdecode(data
, data_length
);
135 if (fullname
== (char *) 0) {
136 snprintf(rpc_error
, sizeof(rpc_error
),
137 "Unable to authenticate secure RPC client (why=%d)", why
);
/* Authenticated name must also match a configured FamilyNetname entry.
 * The statement taken on a match is not shown. */
141 if (ForEachHostInFamily(FamilyNetname
, CheckNetName
, fullname
))
/* NOTE(review): fullname originates from the client's credential, so
 * whatever logs or displays this message should treat it as untrusted
 * text.  The write itself is bounded by sizeof(rpc_error). */
143 snprintf(rpc_error
, sizeof(rpc_error
),
144 "Principal \"%s\" is not authorized to connect", fullname
);
/* The leading 9 equals the character count of "SUN-DES-1", presumably the
 * name-length argument; the trailing 0 and null pointer supply no data.
 * The header of the enclosing function is not part of this listing. */
155 AddAuthorization(9, "SUN-DES-1", 0, (char *) 0);
/*
 * Register the data_length bytes at data as a FamilyNetname host entry by
 * calling AddHost() with a null first argument.  AddHost()'s return value
 * is not used on the line shown.  What is done with `id`, and what this
 * function returns, is not visible in this listing.
 */
159 SecureRPCAdd(unsigned short data_length
, const char *data
, XID id
)
162 AddHost((pointer
) 0, FamilyNetname
, data_length
, data
);
175 SecureRPCToID(unsigned short data_length
, char *data
)
181 SecureRPCFromID(XID id
, unsigned short *data_lenp
, char **datap
)
187 SecureRPCRemove(unsigned short data_length
, const char *data
)
191 #endif /* SECURE_RPC */