6 patches fixing server rpc callback authentication

6 patches fixing server rpc callback authentication

[J. Bruce Fields]

This is my second attempt; sorry for the delay.

To summarize the problem: The server insists on checking incoming rpc calls
against the list of clients that nfsd exports to, for all rpc services.  The
most visible bug caused by this is unnecessary delays granting locks, caused by
the client's lockd incorrectly rejecting GRANTED callbacks.

The following patches replace the client checks in svcauth_unix.c by a
program-specific pg_authenticate() callback.  In the case of nfsd,
pg_authenticate just does the usual client checks.

Changes since the previous version of these patches:

	* Move the call to the pg_authenticate() callback into svc_process()
	  and out of the flavor-specific code.
	* Add a flavor-specific callback to the server's rpc auth_ops to map
	  an incoming request to the "client" it is thought to be from, for
	  pg_authenticate to use in the case where it wants a client for
	  later checking against the export list.

I've tested that this does at least solve the problem with lockd callbacks.

--b.


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
NFS maillist  -  NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs

[PATCH 4 of 6] nfs4: use new pg_set_client method to simplify nfs4 callback authentication

[J. Bruce Fields]

Use new pg_authenticate method to simplify nfs4 callback authentication.

This also has the effect of changing the error return from rejectedcred to
badcred.  I believe the change is correct.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
---

 linux-2.6.10-rc3-bfields/fs/nfs/callback.c |  156 +----------------------------
 1 files changed, 9 insertions(+), 147 deletions(-)

diff -puN fs/nfs/callback.c~nfs4_simplify_callback_auth fs/nfs/callback.c
--- linux-2.6.10-rc3/fs/nfs/callback.c~nfs4_simplify_callback_auth	2004-12-08 15:12:12.000000000 -0500
+++ linux-2.6.10-rc3-bfields/fs/nfs/callback.c	2004-12-08 15:12:12.000000000 -0500
@@ -139,133 +139,10 @@ out:
 	return ret;
 }
 
-/*
- * AUTH_NULL authentication
- */
-static int nfs_callback_null_accept(struct svc_rqst *rqstp, u32 *authp)
-{
-	struct kvec    *argv = &rqstp->rq_arg.head[0];
-	struct kvec    *resv = &rqstp->rq_res.head[0];
-
-	if (argv->iov_len < 3*4)
-		return SVC_GARBAGE;
-
-	if (svc_getu32(argv) != 0) {
-		dprintk("svc: bad null cred\n");
-		*authp = rpc_autherr_badcred;
-		return SVC_DENIED;
-	}
-	if (svc_getu32(argv) != RPC_AUTH_NULL || svc_getu32(argv) != 0) {
-		dprintk("svc: bad null verf\n");
-		 *authp = rpc_autherr_badverf;
-		 return SVC_DENIED;
-	}
-
-	/* Signal that mapping to nobody uid/gid is required */
-	rqstp->rq_cred.cr_uid = (uid_t) -1;
-	rqstp->rq_cred.cr_gid = (gid_t) -1;
-	rqstp->rq_cred.cr_group_info = groups_alloc(0);
-	if (rqstp->rq_cred.cr_group_info == NULL)
-		return SVC_DROP; /* kmalloc failure - client must retry */
-
-	/* Put NULL verifier */
-	svc_putu32(resv, RPC_AUTH_NULL);
-	svc_putu32(resv, 0);
-	dprintk("%s: success, returning %d!\n", __FUNCTION__, SVC_OK);
-	return SVC_OK;
-}
-
-static int nfs_callback_null_release(struct svc_rqst *rqstp)
-{
-	if (rqstp->rq_cred.cr_group_info)
-		put_group_info(rqstp->rq_cred.cr_group_info);
-	rqstp->rq_cred.cr_group_info = NULL;
-	return 0; /* don't drop */
-}
-
-static struct auth_ops nfs_callback_auth_null = {
-	.name = "null",
-	.flavour = RPC_AUTH_NULL,
-	.accept = nfs_callback_null_accept,
-	.release = nfs_callback_null_release,
-};
-
-/*
- * AUTH_SYS authentication
- */
-static int nfs_callback_unix_accept(struct svc_rqst *rqstp, u32 *authp)
-{
-	struct kvec    *argv = &rqstp->rq_arg.head[0];
-	struct kvec    *resv = &rqstp->rq_res.head[0];
-	struct svc_cred *cred = &rqstp->rq_cred;
-	u32 slen, i;
-	int len = argv->iov_len;
-
-	dprintk("%s: start\n", __FUNCTION__);
-	cred->cr_group_info = NULL;
-	rqstp->rq_client = NULL;
-	if ((len -= 3*4) < 0)
-		return SVC_GARBAGE;
-
-	/* Get length, time stamp and machine name */
-	svc_getu32(argv);
-	svc_getu32(argv);
-	slen = XDR_QUADLEN(ntohl(svc_getu32(argv)));
-	if (slen > 64 || (len -= (slen + 3)*4) < 0)
-		goto badcred;
-	argv->iov_base = (void*)((u32*)argv->iov_base + slen);
-	argv->iov_len -= slen*4;
-
-	cred->cr_uid = ntohl(svc_getu32(argv));
-	cred->cr_gid = ntohl(svc_getu32(argv));
-	slen = ntohl(svc_getu32(argv));
-	if (slen > 16 || (len -= (slen + 2)*4) < 0)
-		goto badcred;
-	cred->cr_group_info = groups_alloc(slen);
-	if (cred->cr_group_info == NULL)
-		return SVC_DROP;
-	for (i = 0; i < slen; i++)
-		GROUP_AT(cred->cr_group_info, i) = ntohl(svc_getu32(argv));
-
-	if (svc_getu32(argv) != RPC_AUTH_NULL || svc_getu32(argv) != 0) {
-		*authp = rpc_autherr_badverf;
-		return SVC_DENIED;
-	}
-	/* Put NULL verifier */
-	svc_putu32(resv, RPC_AUTH_NULL);
-	svc_putu32(resv, 0);
-	dprintk("%s: success, returning %d!\n", __FUNCTION__, SVC_OK);
-	return SVC_OK;
-badcred:
-	*authp = rpc_autherr_badcred;
-	return SVC_DENIED;
-}
-
-static int nfs_callback_unix_release(struct svc_rqst *rqstp)
-{
-	if (rqstp->rq_cred.cr_group_info)
-		put_group_info(rqstp->rq_cred.cr_group_info);
-	rqstp->rq_cred.cr_group_info = NULL;
-	return 0;
-}
-
-static struct auth_ops nfs_callback_auth_unix = {
-	.name = "unix",
-	.flavour = RPC_AUTH_UNIX,
-	.accept = nfs_callback_unix_accept,
-	.release = nfs_callback_unix_release,
-};
-
-/*
- * Hook the authentication protocol
- */
-static int nfs_callback_auth(struct svc_rqst *rqstp, u32 *authp)
+static int nfs_callback_authenticate(struct svc_rqst *rqstp)
 {
 	struct in_addr *addr = &rqstp->rq_addr.sin_addr;
 	struct nfs4_client *clp;
-	struct kvec *argv = &rqstp->rq_arg.head[0];
-	int flavour;
-	int retval;
 
 	/* Don't talk to strangers */
 	clp = nfs4_find_client(addr);
@@ -273,34 +150,19 @@ static int nfs_callback_auth(struct svc_
 		return SVC_DROP;
 	dprintk("%s: %u.%u.%u.%u NFSv4 callback!\n", __FUNCTION__, NIPQUAD(addr));
 	nfs4_put_client(clp);
-	flavour = ntohl(svc_getu32(argv));
-	switch(flavour) {
+	switch (rqstp->rq_authop->flavour) {
 		case RPC_AUTH_NULL:
-			if (rqstp->rq_proc != CB_NULL) {
-				*authp = rpc_autherr_tooweak;
-				retval = SVC_DENIED;
-				break;
-			}
-			rqstp->rq_authop = &nfs_callback_auth_null;
-			retval = nfs_callback_null_accept(rqstp, authp);
+			if (rqstp->rq_proc != CB_NULL)
+				return SVC_DENIED;
 			break;
 		case RPC_AUTH_UNIX:
-			/* Eat the authentication flavour */
-			rqstp->rq_authop = &nfs_callback_auth_unix;
-			retval = nfs_callback_unix_accept(rqstp, authp);
 			break;
+		case RPC_AUTH_GSS:
+			/* FIXME: RPCSEC_GSS handling? */
 		default:
-			/* FIXME: need to add RPCSEC_GSS upcalls */
-#if 0
-			svc_ungetu32(argv);
-			retval = svc_authenticate(rqstp, authp);
-#else
-			*authp = rpc_autherr_rejectedcred;
-			retval = SVC_DENIED;
-#endif
+			return SVC_DENIED;
 	}
-	dprintk("%s: flavour %d returning error %d\n", __FUNCTION__, flavour, retval);
-	return retval;
+	return SVC_OK;
 }
 
 /*
@@ -321,5 +183,5 @@ static struct svc_program nfs4_callback_
 	.pg_name = "NFSv4 callback",			/* service name */
 	.pg_class = "nfs",				/* authentication class */
 	.pg_stats = &nfs4_callback_stats,
-	.pg_authenticate_obsolete = nfs_callback_auth,
+	.pg_authenticate = nfs_callback_authenticate,
 };
_


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
NFS maillist  -  NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs

[PATCH 1 of 6] svcrpc: add a per-flavor set_client method

[J. Bruce Fields]

Add a set_client method to the server rpc auth_ops struct, used to set the
client (for the purposes of nfsd export authorization) using flavor-specific
information.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
---

 linux-2.6.10-rc3-bfields/include/linux/sunrpc/svcauth.h    |    2 +
 linux-2.6.10-rc3-bfields/net/sunrpc/auth_gss/svcauth_gss.c |   14 +++++++++++++
 linux-2.6.10-rc3-bfields/net/sunrpc/sunrpc_syms.c          |    1 
 linux-2.6.10-rc3-bfields/net/sunrpc/svcauth.c              |    5 ++++
 linux-2.6.10-rc3-bfields/net/sunrpc/svcauth_unix.c         |    2 +
 5 files changed, 24 insertions(+)

diff -puN include/linux/sunrpc/svcauth.h~svcrpc_per_flavor_set_client_method include/linux/sunrpc/svcauth.h
--- linux-2.6.10-rc3/include/linux/sunrpc/svcauth.h~svcrpc_per_flavor_set_client_method	2004-12-09 16:37:51.000000000 -0500
+++ linux-2.6.10-rc3-bfields/include/linux/sunrpc/svcauth.h	2004-12-09 16:37:51.000000000 -0500
@@ -92,6 +92,7 @@ struct auth_ops {
 	int	(*accept)(struct svc_rqst *rq, u32 *authp);
 	int	(*release)(struct svc_rqst *rq);
 	void	(*domain_release)(struct auth_domain *);
+	int	(*set_client)(struct svc_rqst *rq);
 };
 
 #define	SVC_GARBAGE	1
@@ -107,6 +108,7 @@ struct auth_ops {
 
 extern int	svc_authenticate(struct svc_rqst *rqstp, u32 *authp);
 extern int	svc_authorise(struct svc_rqst *rqstp);
+extern int	svc_set_client(struct svc_rqst *rqstp);
 extern int	svc_auth_register(rpc_authflavor_t flavor, struct auth_ops *aops);
 extern void	svc_auth_unregister(rpc_authflavor_t flavor);
 
diff -puN net/sunrpc/auth_gss/svcauth_gss.c~svcrpc_per_flavor_set_client_method net/sunrpc/auth_gss/svcauth_gss.c
--- linux-2.6.10-rc3/net/sunrpc/auth_gss/svcauth_gss.c~svcrpc_per_flavor_set_client_method	2004-12-09 16:37:51.000000000 -0500
+++ linux-2.6.10-rc3-bfields/net/sunrpc/auth_gss/svcauth_gss.c	2004-12-09 16:37:51.000000000 -0500
@@ -730,6 +730,19 @@ struct gss_svc_data {
 	struct rsc			*rsci;
 };
 
+static int
+svcauth_gss_set_client(struct svc_rqst *rqstp)
+{
+	struct gss_svc_data *svcdata = rqstp->rq_auth_data;
+	struct rsc *rsci = svcdata->rsci;
+	struct rpc_gss_wire_cred *gc = &svcdata->clcred;
+
+	rqstp->rq_client = find_gss_auth_domain(rsci->mechctx, gc->gc_svc);
+	if (rqstp->rq_client == NULL)
+		return SVC_DENIED;
+	return SVC_OK;
+}
+
 /*
  * Accept an rpcsec packet.
  * If context establishment, punt to user space
@@ -1052,6 +1065,7 @@ struct auth_ops svcauthops_gss = {
 	.accept		= svcauth_gss_accept,
 	.release	= svcauth_gss_release,
 	.domain_release = svcauth_gss_domain_release,
+	.set_client	= svcauth_gss_set_client,
 };
 
 int
diff -puN net/sunrpc/sunrpc_syms.c~svcrpc_per_flavor_set_client_method net/sunrpc/sunrpc_syms.c
--- linux-2.6.10-rc3/net/sunrpc/sunrpc_syms.c~svcrpc_per_flavor_set_client_method	2004-12-09 16:37:51.000000000 -0500
+++ linux-2.6.10-rc3-bfields/net/sunrpc/sunrpc_syms.c	2004-12-09 16:37:51.000000000 -0500
@@ -90,6 +90,7 @@ EXPORT_SYMBOL(svc_reserve);
 EXPORT_SYMBOL(svc_auth_register);
 EXPORT_SYMBOL(auth_domain_lookup);
 EXPORT_SYMBOL(svc_authenticate);
+EXPORT_SYMBOL(svc_set_client);
 
 /* RPC statistics */
 #ifdef CONFIG_PROC_FS
diff -puN net/sunrpc/svcauth.c~svcrpc_per_flavor_set_client_method net/sunrpc/svcauth.c
--- linux-2.6.10-rc3/net/sunrpc/svcauth.c~svcrpc_per_flavor_set_client_method	2004-12-09 16:37:51.000000000 -0500
+++ linux-2.6.10-rc3-bfields/net/sunrpc/svcauth.c	2004-12-09 16:37:51.000000000 -0500
@@ -59,6 +59,11 @@ svc_authenticate(struct svc_rqst *rqstp,
 	return aops->accept(rqstp, authp);
 }
 
+int svc_set_client(struct svc_rqst *rqstp)
+{
+	return rqstp->rq_authop->set_client(rqstp);
+}
+
 /* A request, which was authenticated, has now executed.
  * Time to finalise the the credentials and verifier
  * and release and resources
diff -puN net/sunrpc/svcauth_unix.c~svcrpc_per_flavor_set_client_method net/sunrpc/svcauth_unix.c
--- linux-2.6.10-rc3/net/sunrpc/svcauth_unix.c~svcrpc_per_flavor_set_client_method	2004-12-09 16:37:51.000000000 -0500
+++ linux-2.6.10-rc3-bfields/net/sunrpc/svcauth_unix.c	2004-12-09 16:37:51.000000000 -0500
@@ -430,6 +430,7 @@ struct auth_ops svcauth_null = {
 	.flavour	= RPC_AUTH_NULL,
 	.accept 	= svcauth_null_accept,
 	.release	= svcauth_null_release,
+	.set_client	= svcauth_unix_set_client,
 };
 
 
@@ -511,5 +512,6 @@ struct auth_ops svcauth_unix = {
 	.accept 	= svcauth_unix_accept,
 	.release	= svcauth_unix_release,
 	.domain_release	= svcauth_unix_domain_release,
+	.set_client	= svcauth_unix_set_client,
 };
 
_


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
NFS maillist  -  NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs

[PATCH 2 of 6] svcrpc: rename pg_authenticate

[J. Bruce Fields]

Later patches remove pg_authenticate and use the name for a different purpose;
so rename it to pg_authenticate_obsolete for now.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
---

 linux-2.6.10-rc3-bfields/fs/nfs/callback.c          |    2 +-
 linux-2.6.10-rc3-bfields/include/linux/sunrpc/svc.h |    2 +-
 linux-2.6.10-rc3-bfields/net/sunrpc/svc.c           |    4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff -puN fs/nfs/callback.c~svcrpc_rename_pg_authenticate fs/nfs/callback.c
--- linux-2.6.10-rc3/fs/nfs/callback.c~svcrpc_rename_pg_authenticate	2004-12-08 15:12:10.000000000 -0500
+++ linux-2.6.10-rc3-bfields/fs/nfs/callback.c	2004-12-08 15:12:10.000000000 -0500
@@ -321,5 +321,5 @@ static struct svc_program nfs4_callback_
 	.pg_name = "NFSv4 callback",			/* service name */
 	.pg_class = "nfs",				/* authentication class */
 	.pg_stats = &nfs4_callback_stats,
-	.pg_authenticate = nfs_callback_auth,
+	.pg_authenticate_obsolete = nfs_callback_auth,
 };
diff -puN include/linux/sunrpc/svc.h~svcrpc_rename_pg_authenticate include/linux/sunrpc/svc.h
--- linux-2.6.10-rc3/include/linux/sunrpc/svc.h~svcrpc_rename_pg_authenticate	2004-12-08 15:12:10.000000000 -0500
+++ linux-2.6.10-rc3-bfields/include/linux/sunrpc/svc.h	2004-12-08 15:12:10.000000000 -0500
@@ -252,7 +252,7 @@ struct svc_program {
 	char *			pg_class;	/* class name: services sharing authentication */
 	struct svc_stat *	pg_stats;	/* rpc statistics */
 	/* Override authentication. NULL means use default */
-	int			(*pg_authenticate)(struct svc_rqst *, u32 *);
+	int			(*pg_authenticate_obsolete)(struct svc_rqst *, u32 *);
 };
 
 /*
diff -puN net/sunrpc/svc.c~svcrpc_rename_pg_authenticate net/sunrpc/svc.c
--- linux-2.6.10-rc3/net/sunrpc/svc.c~svcrpc_rename_pg_authenticate	2004-12-08 15:12:10.000000000 -0500
+++ linux-2.6.10-rc3-bfields/net/sunrpc/svc.c	2004-12-08 15:12:10.000000000 -0500
@@ -311,8 +311,8 @@ svc_process(struct svc_serv *serv, struc
 	 * We do this before anything else in order to get a decent
 	 * auth verifier.
 	 */
-	if (progp->pg_authenticate != NULL)
-		auth_res = progp->pg_authenticate(rqstp, &auth_stat);
+	if (progp->pg_authenticate_obsolete != NULL)
+		auth_res = progp->pg_authenticate_obsolete(rqstp, &auth_stat);
 	else
 		auth_res = svc_authenticate(rqstp, &auth_stat);
 	switch (auth_res) {
_


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
NFS maillist  -  NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs

[PATCH 5 of 6] lockd: don't try to match callback requests against export table

[J. Bruce Fields]

On lockd callbacks, we're a client, and the source address is that of a server,
so we shouldn't be trying to match the source address of the callback request
against our export table.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
---

 linux-2.6.10-rc3-bfields/fs/lockd/svc.c |   18 ++++++++++++++++++
 1 files changed, 18 insertions(+)

diff -puN fs/lockd/svc.c~lockd_fix_authentication fs/lockd/svc.c
--- linux-2.6.10-rc3/fs/lockd/svc.c~lockd_fix_authentication	2004-12-08 15:12:13.000000000 -0500
+++ linux-2.6.10-rc3-bfields/fs/lockd/svc.c	2004-12-09 14:46:46.000000000 -0500
@@ -403,6 +403,18 @@ static int param_set_##name(const char *
 	return 0;							\
 }
 
+static inline int is_callback(u32 proc)
+{
+	return proc == NLMPROC_GRANTED
+		|| proc == NLMPROC_GRANTED_MSG
+		|| proc == NLMPROC_TEST_RES
+		|| proc == NLMPROC_LOCK_RES
+		|| proc == NLMPROC_CANCEL_RES
+		|| proc == NLMPROC_UNLOCK_RES
+		|| proc == NLMPROC_NSM_NOTIFY;
+}
+
+
 static int lockd_authenticate(struct svc_rqst *rqstp)
 {
 	rqstp->rq_client = NULL;
@@ -411,6 +423,12 @@ static int lockd_authenticate(struct svc
 		case RPC_AUTH_UNIX:
 			if (rqstp->rq_proc == 0)
 				return SVC_OK;
+			if (is_callback(rqstp->rq_proc)) {
+				/* Leave it to individual procedures to
+				 * call nlmsvc_lookup_host(rqstp)
+				 */
+				return SVC_OK;
+			}
 			return svc_set_client(rqstp);
 	}
 	return SVC_DENIED;
_


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
NFS maillist  -  NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs

[PATCH 6 of 6] nfsd: remove pg_authenticate field

[J. Bruce Fields]

The pg_authenticate (now pg_authenticate_obsolete) callback was only being used
by the nfs4 client callback code to circumvent the svcauth_unix code's
insistence on checking all requests against the export table.  With that
problem solved, we no longer need it.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
---

 linux-2.6.10-rc3-bfields/include/linux/sunrpc/svc.h |    2 --
 linux-2.6.10-rc3-bfields/net/sunrpc/svc.c           |    5 +----
 2 files changed, 1 insertion(+), 6 deletions(-)

diff -puN include/linux/sunrpc/svc.h~nfsd_remove_pg_authenticate include/linux/sunrpc/svc.h
--- linux-2.6.10-rc3/include/linux/sunrpc/svc.h~nfsd_remove_pg_authenticate	2004-12-08 15:12:14.000000000 -0500
+++ linux-2.6.10-rc3-bfields/include/linux/sunrpc/svc.h	2004-12-08 15:12:14.000000000 -0500
@@ -251,8 +251,6 @@ struct svc_program {
 	char *			pg_name;	/* service name */
 	char *			pg_class;	/* class name: services sharing authentication */
 	struct svc_stat *	pg_stats;	/* rpc statistics */
-	/* Override authentication. NULL means use default */
-	int			(*pg_authenticate_obsolete)(struct svc_rqst *, u32 *);
 	int			(*pg_authenticate)(struct svc_rqst *);
 };
 
diff -puN net/sunrpc/svc.c~nfsd_remove_pg_authenticate net/sunrpc/svc.c
--- linux-2.6.10-rc3/net/sunrpc/svc.c~nfsd_remove_pg_authenticate	2004-12-08 15:12:14.000000000 -0500
+++ linux-2.6.10-rc3-bfields/net/sunrpc/svc.c	2004-12-08 15:12:14.000000000 -0500
@@ -315,10 +315,7 @@ svc_process(struct svc_serv *serv, struc
 	 * We do this before anything else in order to get a decent
 	 * auth verifier.
 	 */
-	if (progp->pg_authenticate_obsolete != NULL)
-		auth_res = progp->pg_authenticate_obsolete(rqstp, &auth_stat);
-	else
-		auth_res = svc_authenticate(rqstp, &auth_stat);
+	auth_res = svc_authenticate(rqstp, &auth_stat);
 	/* Also give the program a chance to reject this call: */
 	if (auth_res == SVC_OK) {
 		auth_stat = rpc_autherr_badcred;
_


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
NFS maillist  -  NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs

[PATCH 3 of 6] svcrpc: move export table checks to a per-program pg_add_client method

[J. Bruce Fields]

svcauth_null_accept() and svcauth_unix_accept() are currently hard-wired to
check the source ip address on an incoming request against the export table,
which make sense for nfsd but not necessarily for other rpc-based services.

So instead we have the accept() method call a program-specific
pg_authenticate() method.  We also move the call to this method into
svc_process instead of calling it from the flavor-specific accept() routines.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
---

 linux-2.6.10-rc3-bfields/fs/lockd/svc.c                    |   15 ++++++++++
 linux-2.6.10-rc3-bfields/fs/nfsd/nfssvc.c                  |    2 +
 linux-2.6.10-rc3-bfields/include/linux/sunrpc/svc.h        |    1 
 linux-2.6.10-rc3-bfields/net/sunrpc/auth_gss/svcauth_gss.c |    5 ---
 linux-2.6.10-rc3-bfields/net/sunrpc/svc.c                  |   12 +++++++-
 linux-2.6.10-rc3-bfields/net/sunrpc/svcauth_unix.c         |   18 +------------
 6 files changed, 31 insertions(+), 22 deletions(-)

diff -puN fs/lockd/svc.c~svcrpc_unix_ip_mapping_method fs/lockd/svc.c
--- linux-2.6.10-rc3/fs/lockd/svc.c~svcrpc_unix_ip_mapping_method	2004-12-09 16:37:57.000000000 -0500
+++ linux-2.6.10-rc3-bfields/fs/lockd/svc.c	2004-12-09 16:37:57.000000000 -0500
@@ -403,6 +403,20 @@ static int param_set_##name(const char *
 	return 0;							\
 }
 
+static int lockd_authenticate(struct svc_rqst *rqstp)
+{
+	rqstp->rq_client = NULL;
+	switch (rqstp->rq_authop->flavour) {
+		case RPC_AUTH_NULL:
+		case RPC_AUTH_UNIX:
+			if (rqstp->rq_proc == 0)
+				return SVC_OK;
+			return svc_set_client(rqstp);
+	}
+	return SVC_DENIED;
+}
+
+
 param_set_min_max(port, int, simple_strtol, 0, 65535)
 param_set_min_max(grace_period, unsigned long, simple_strtoul,
 		  nlm_grace_period_min, nlm_grace_period_max)
@@ -483,4 +497,5 @@ struct svc_program	nlmsvc_program = {
 	.pg_name	= "lockd",		/* service name */
 	.pg_class	= "nfsd",		/* share authentication with nfsd */
 	.pg_stats	= &nlmsvc_stats,	/* stats table */
+	.pg_authenticate = &lockd_authenticate	/* export authentication */
 };
diff -puN fs/nfsd/nfssvc.c~svcrpc_unix_ip_mapping_method fs/nfsd/nfssvc.c
--- linux-2.6.10-rc3/fs/nfsd/nfssvc.c~svcrpc_unix_ip_mapping_method	2004-12-09 16:37:57.000000000 -0500
+++ linux-2.6.10-rc3-bfields/fs/nfsd/nfssvc.c	2004-12-09 16:37:57.000000000 -0500
@@ -378,4 +378,6 @@ struct svc_program		nfsd_program = {
 	.pg_name		= "nfsd",		/* program name */
 	.pg_class		= "nfsd",		/* authentication class */
 	.pg_stats		= &nfsd_svcstats,	/* version table */
+	.pg_authenticate	= &svc_set_client,	/* export authentication */
+
 };
diff -puN include/linux/sunrpc/svc.h~svcrpc_unix_ip_mapping_method include/linux/sunrpc/svc.h
--- linux-2.6.10-rc3/include/linux/sunrpc/svc.h~svcrpc_unix_ip_mapping_method	2004-12-09 16:37:57.000000000 -0500
+++ linux-2.6.10-rc3-bfields/include/linux/sunrpc/svc.h	2004-12-09 16:37:57.000000000 -0500
@@ -253,6 +253,7 @@ struct svc_program {
 	struct svc_stat *	pg_stats;	/* rpc statistics */
 	/* Override authentication. NULL means use default */
 	int			(*pg_authenticate_obsolete)(struct svc_rqst *, u32 *);
+	int			(*pg_authenticate)(struct svc_rqst *);
 };
 
 /*
diff -puN net/sunrpc/auth_gss/svcauth_gss.c~svcrpc_unix_ip_mapping_method net/sunrpc/auth_gss/svcauth_gss.c
--- linux-2.6.10-rc3/net/sunrpc/auth_gss/svcauth_gss.c~svcrpc_unix_ip_mapping_method	2004-12-09 16:37:57.000000000 -0500
+++ linux-2.6.10-rc3-bfields/net/sunrpc/auth_gss/svcauth_gss.c	2004-12-09 16:37:57.000000000 -0500
@@ -906,11 +906,6 @@ svcauth_gss_accept(struct svc_rqst *rqst
 		svc_putu32(resv, rpc_success);
 		goto complete;
 	case RPC_GSS_PROC_DATA:
-		*authp = rpc_autherr_badcred;
-		rqstp->rq_client =
-			find_gss_auth_domain(rsci->mechctx, gc->gc_svc);
-		if (rqstp->rq_client == NULL)
-			goto auth_err;
 		*authp = rpcsec_gsserr_ctxproblem;
 		if (gss_write_verf(rqstp, rsci->mechctx, gc->gc_seq))
 			goto auth_err;
diff -puN net/sunrpc/svcauth_unix.c~svcrpc_unix_ip_mapping_method net/sunrpc/svcauth_unix.c
--- linux-2.6.10-rc3/net/sunrpc/svcauth_unix.c~svcrpc_unix_ip_mapping_method	2004-12-09 16:37:57.000000000 -0500
+++ linux-2.6.10-rc3-bfields/net/sunrpc/svcauth_unix.c	2004-12-09 16:37:57.000000000 -0500
@@ -369,7 +369,6 @@ svcauth_null_accept(struct svc_rqst *rqs
 	struct kvec	*argv = &rqstp->rq_arg.head[0];
 	struct kvec	*resv = &rqstp->rq_res.head[0];
 	struct svc_cred	*cred = &rqstp->rq_cred;
-	int		rv=0;
 
 	cred->cr_group_info = NULL;
 	rqstp->rq_client = NULL;
@@ -395,19 +394,11 @@ svcauth_null_accept(struct svc_rqst *rqs
 	if (cred->cr_group_info == NULL)
 		return SVC_DROP; /* kmalloc failure - client must retry */
 
-	rv = svcauth_unix_set_client(rqstp);
-	if (rv == SVC_DENIED)
-		goto badcred;
-
 	/* Put NULL verifier */
 	svc_putu32(resv, RPC_AUTH_NULL);
 	svc_putu32(resv, 0);
 
-	return rv;
-
-badcred:
-	*authp = rpc_autherr_badcred;
-	return SVC_DENIED;
+	return SVC_OK;
 }
 
 static int
@@ -442,7 +433,6 @@ svcauth_unix_accept(struct svc_rqst *rqs
 	struct svc_cred	*cred = &rqstp->rq_cred;
 	u32		slen, i;
 	int		len   = argv->iov_len;
-	int		rv=0;
 
 	cred->cr_group_info = NULL;
 	rqstp->rq_client = NULL;
@@ -474,15 +464,11 @@ svcauth_unix_accept(struct svc_rqst *rqs
 		return SVC_DENIED;
 	}
 
-	rv = svcauth_unix_set_client(rqstp);
-	if (rv == SVC_DENIED)
-		goto badcred;
-
 	/* Put NULL verifier */
 	svc_putu32(resv, RPC_AUTH_NULL);
 	svc_putu32(resv, 0);
 
-	return rv;
+	return SVC_OK;
 
 badcred:
 	*authp = rpc_autherr_badcred;
diff -puN net/sunrpc/svc.c~svcrpc_unix_ip_mapping_method net/sunrpc/svc.c
--- linux-2.6.10-rc3/net/sunrpc/svc.c~svcrpc_unix_ip_mapping_method	2004-12-09 16:37:57.000000000 -0500
+++ linux-2.6.10-rc3-bfields/net/sunrpc/svc.c	2004-12-09 16:37:57.000000000 -0500
@@ -264,6 +264,7 @@ svc_process(struct svc_serv *serv, struc
 	u32			dir, prog, vers, proc,
 				auth_stat, rpc_stat;
 	int			auth_res;
+	u32			*accept_statp;
 
 	rpc_stat = rpc_success;
 
@@ -299,6 +300,9 @@ svc_process(struct svc_serv *serv, struc
 	if (vers != 2)		/* RPC version number */
 		goto err_bad_rpc;
 
+	/* Save position in case we later decide to reject: */
+	accept_statp = resv->iov_base + resv->iov_len;
+
 	svc_putu32(resv, xdr_zero);		/* ACCEPT */
 
 	rqstp->rq_prog = prog = ntohl(svc_getu32(argv));	/* program number */
@@ -315,6 +319,11 @@ svc_process(struct svc_serv *serv, struc
 		auth_res = progp->pg_authenticate_obsolete(rqstp, &auth_stat);
 	else
 		auth_res = svc_authenticate(rqstp, &auth_stat);
+	/* Also give the program a chance to reject this call: */
+	if (auth_res == SVC_OK) {
+		auth_stat = rpc_autherr_badcred;
+		auth_res = progp->pg_authenticate(rqstp);
+	}
 	switch (auth_res) {
 	case SVC_OK:
 		break;
@@ -437,7 +446,8 @@ err_bad_rpc:
 err_bad_auth:
 	dprintk("svc: authentication failed (%d)\n", ntohl(auth_stat));
 	serv->sv_stats->rpcbadauth++;
-	resv->iov_len -= 4;
+	/* Restore write pointer to location of accept status: */
+	xdr_ressize_check(rqstp, accept_statp);
 	svc_putu32(resv, xdr_one);	/* REJECT */
 	svc_putu32(resv, xdr_one);	/* AUTH_ERROR */
 	svc_putu32(resv, auth_stat);	/* status */
_


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
NFS maillist  -  NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs

[PATCH 2 of 6] svcrpc: rename pg_authenticate

[J. Bruce Fields]

Later patches remove pg_authenticate and use the name for a different purpose;
so rename it to pg_authenticate_obsolete for now.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
---

 linux-2.6.10-bk14-bfields/fs/nfs/callback.c          |    2 +-
 linux-2.6.10-bk14-bfields/include/linux/sunrpc/svc.h |    2 +-
 linux-2.6.10-bk14-bfields/net/sunrpc/svc.c           |    4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff -puN fs/nfs/callback.c~svcrpc_rename_pg_authenticate fs/nfs/callback.c
--- linux-2.6.10-bk14/fs/nfs/callback.c~svcrpc_rename_pg_authenticate	2005-01-11 16:43:02.000000000 -0500
+++ linux-2.6.10-bk14-bfields/fs/nfs/callback.c	2005-01-11 16:43:02.000000000 -0500
@@ -321,5 +321,5 @@ static struct svc_program nfs4_callback_
 	.pg_name = "NFSv4 callback",			/* service name */
 	.pg_class = "nfs",				/* authentication class */
 	.pg_stats = &nfs4_callback_stats,
-	.pg_authenticate = nfs_callback_auth,
+	.pg_authenticate_obsolete = nfs_callback_auth,
 };
diff -puN include/linux/sunrpc/svc.h~svcrpc_rename_pg_authenticate include/linux/sunrpc/svc.h
--- linux-2.6.10-bk14/include/linux/sunrpc/svc.h~svcrpc_rename_pg_authenticate	2005-01-11 16:43:02.000000000 -0500
+++ linux-2.6.10-bk14-bfields/include/linux/sunrpc/svc.h	2005-01-11 16:43:02.000000000 -0500
@@ -252,7 +252,7 @@ struct svc_program {
 	char *			pg_class;	/* class name: services sharing authentication */
 	struct svc_stat *	pg_stats;	/* rpc statistics */
 	/* Override authentication. NULL means use default */
-	int			(*pg_authenticate)(struct svc_rqst *, u32 *);
+	int			(*pg_authenticate_obsolete)(struct svc_rqst *, u32 *);
 };
 
 /*
diff -puN net/sunrpc/svc.c~svcrpc_rename_pg_authenticate net/sunrpc/svc.c
--- linux-2.6.10-bk14/net/sunrpc/svc.c~svcrpc_rename_pg_authenticate	2005-01-11 16:43:02.000000000 -0500
+++ linux-2.6.10-bk14-bfields/net/sunrpc/svc.c	2005-01-11 16:43:02.000000000 -0500
@@ -311,8 +311,8 @@ svc_process(struct svc_serv *serv, struc
 	 * We do this before anything else in order to get a decent
 	 * auth verifier.
 	 */
-	if (progp->pg_authenticate != NULL)
-		auth_res = progp->pg_authenticate(rqstp, &auth_stat);
+	if (progp->pg_authenticate_obsolete != NULL)
+		auth_res = progp->pg_authenticate_obsolete(rqstp, &auth_stat);
 	else
 		auth_res = svc_authenticate(rqstp, &auth_stat);
 	switch (auth_res) {
_


-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________
NFS maillist  -  NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs