| File: | rpc/rpc-lib/src/rpcsvc-auth.c |
| Location: | line 402, column 25 |
| Description: | Value stored to 'result' is never read |
| 1 | /* |
| 2 | Copyright (c) 2008-2012 Red Hat, Inc. <http://www.redhat.com> |
| 3 | This file is part of GlusterFS. |
| 4 | |
| 5 | This file is licensed to you under your choice of the GNU Lesser |
| 6 | General Public License, version 3 or any later version (LGPLv3 or |
| 7 | later), or the GNU General Public License, version 2 (GPLv2), in all |
| 8 | cases as published by the Free Software Foundation. |
| 9 | */ |
| 10 | |
| 11 | #include "rpcsvc.h" |
| 12 | #include "logging.h" |
| 13 | #include "dict.h" |
| 14 | |
| 15 | extern rpcsvc_auth_t * |
| 16 | rpcsvc_auth_null_init (rpcsvc_t *svc, dict_t *options); |
| 17 | |
| 18 | extern rpcsvc_auth_t * |
| 19 | rpcsvc_auth_unix_init (rpcsvc_t *svc, dict_t *options); |
| 20 | |
| 21 | extern rpcsvc_auth_t * |
| 22 | rpcsvc_auth_glusterfs_init (rpcsvc_t *svc, dict_t *options); |
| 23 | extern rpcsvc_auth_t * |
| 24 | rpcsvc_auth_glusterfs_v2_init (rpcsvc_t *svc, dict_t *options); |
| 25 | |
| 26 | int |
| 27 | rpcsvc_auth_add_initer (struct list_head *list, char *idfier, |
| 28 | rpcsvc_auth_initer_t init) |
| 29 | { |
| 30 | struct rpcsvc_auth_list *new = NULL((void*)0); |
| 31 | |
| 32 | if ((!list) || (!init) || (!idfier)) |
| 33 | return -1; |
| 34 | |
| 35 | new = GF_CALLOC (1, sizeof (*new), gf_common_mt_rpcsvc_auth_list)__gf_calloc (1, sizeof (*new), gf_common_mt_rpcsvc_auth_list); |
| 36 | if (!new) { |
| 37 | return -1; |
| 38 | } |
| 39 | |
| 40 | new->init = init; |
| 41 | strcpy (new->name, idfier); |
| 42 | INIT_LIST_HEAD (&new->authlist)do { (&new->authlist)->next = (&new->authlist )->prev = &new->authlist; } while (0); |
| 43 | list_add_tail (&new->authlist, list); |
| 44 | return 0; |
| 45 | } |
| 46 | |
| 47 | |
| 48 | |
| 49 | int |
| 50 | rpcsvc_auth_add_initers (rpcsvc_t *svc) |
| 51 | { |
| 52 | int ret = -1; |
| 53 | |
| 54 | ret = rpcsvc_auth_add_initer (&svc->authschemes, "auth-glusterfs", |
| 55 | (rpcsvc_auth_initer_t) |
| 56 | rpcsvc_auth_glusterfs_init); |
| 57 | if (ret == -1) { |
| 58 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_GLUSTERFS")do { do { if (0) printf ("Failed to add AUTH_GLUSTERFS"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 58 , GF_LOG_ERROR, "Failed to add AUTH_GLUSTERFS"); } while (0); |
| 59 | goto err; |
| 60 | } |
| 61 | |
| 62 | |
| 63 | ret = rpcsvc_auth_add_initer (&svc->authschemes, "auth-glusterfs-v2", |
| 64 | (rpcsvc_auth_initer_t) |
| 65 | rpcsvc_auth_glusterfs_v2_init); |
| 66 | if (ret == -1) { |
| 67 | gf_log (GF_RPCSVC, GF_LOG_ERROR,do { do { if (0) printf ("Failed to add AUTH_GLUSTERFS-v2"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__ , 68, GF_LOG_ERROR, "Failed to add AUTH_GLUSTERFS-v2"); } while (0) |
| 68 | "Failed to add AUTH_GLUSTERFS-v2")do { do { if (0) printf ("Failed to add AUTH_GLUSTERFS-v2"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__ , 68, GF_LOG_ERROR, "Failed to add AUTH_GLUSTERFS-v2"); } while (0); |
| 69 | goto err; |
| 70 | } |
| 71 | |
| 72 | ret = rpcsvc_auth_add_initer (&svc->authschemes, "auth-unix", |
| 73 | (rpcsvc_auth_initer_t) |
| 74 | rpcsvc_auth_unix_init); |
| 75 | if (ret == -1) { |
| 76 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_UNIX")do { do { if (0) printf ("Failed to add AUTH_UNIX"); } while ( 0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 76 , GF_LOG_ERROR, "Failed to add AUTH_UNIX"); } while (0); |
| 77 | goto err; |
| 78 | } |
| 79 | |
| 80 | ret = rpcsvc_auth_add_initer (&svc->authschemes, "auth-null", |
| 81 | (rpcsvc_auth_initer_t) |
| 82 | rpcsvc_auth_null_init); |
| 83 | if (ret == -1) { |
| 84 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_NULL")do { do { if (0) printf ("Failed to add AUTH_NULL"); } while ( 0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 84 , GF_LOG_ERROR, "Failed to add AUTH_NULL"); } while (0); |
| 85 | goto err; |
| 86 | } |
| 87 | |
| 88 | ret = 0; |
| 89 | err: |
| 90 | return ret; |
| 91 | } |
| 92 | |
| 93 | |
| 94 | int |
| 95 | rpcsvc_auth_init_auth (rpcsvc_t *svc, dict_t *options, |
| 96 | struct rpcsvc_auth_list *authitem) |
| 97 | { |
| 98 | int ret = -1; |
| 99 | |
| 100 | if ((!svc) || (!options) || (!authitem)) |
| 101 | return -1; |
| 102 | |
| 103 | if (!authitem->init) { |
| 104 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "No init function defined")do { do { if (0) printf ("No init function defined"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 104 , GF_LOG_ERROR, "No init function defined"); } while (0); |
| 105 | ret = -1; |
| 106 | goto err; |
| 107 | } |
| 108 | |
| 109 | authitem->auth = authitem->init (svc, options); |
| 110 | if (!authitem->auth) { |
| 111 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "Registration of auth failed:"do { do { if (0) printf ("Registration of auth failed:" " %s" , authitem->name); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c" , __FUNCTION__, 112, GF_LOG_ERROR, "Registration of auth failed:" " %s", authitem->name); } while (0) |
| 112 | " %s", authitem->name)do { do { if (0) printf ("Registration of auth failed:" " %s" , authitem->name); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c" , __FUNCTION__, 112, GF_LOG_ERROR, "Registration of auth failed:" " %s", authitem->name); } while (0); |
| 113 | ret = -1; |
| 114 | goto err; |
| 115 | } |
| 116 | |
| 117 | authitem->enable = 1; |
| 118 | gf_log (GF_RPCSVC, GF_LOG_TRACE, "Authentication enabled: %s",do { do { if (0) printf ("Authentication enabled: %s", authitem ->auth->authname); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 119, GF_LOG_TRACE, "Authentication enabled: %s" , authitem->auth->authname); } while (0) |
| 119 | authitem->auth->authname)do { do { if (0) printf ("Authentication enabled: %s", authitem ->auth->authname); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 119, GF_LOG_TRACE, "Authentication enabled: %s" , authitem->auth->authname); } while (0); |
| 120 | |
| 121 | ret = 0; |
| 122 | err: |
| 123 | return ret; |
| 124 | } |
| 125 | |
| 126 | |
| 127 | int |
| 128 | rpcsvc_auth_init_auths (rpcsvc_t *svc, dict_t *options) |
| 129 | { |
| 130 | int ret = -1; |
| 131 | struct rpcsvc_auth_list *auth = NULL((void*)0); |
| 132 | struct rpcsvc_auth_list *tmp = NULL((void*)0); |
| 133 | |
| 134 | if (!svc) |
| 135 | return -1; |
| 136 | |
| 137 | if (list_empty (&svc->authschemes)) { |
| 138 | gf_log (GF_RPCSVC, GF_LOG_WARNING, "No authentication!")do { do { if (0) printf ("No authentication!"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 138, GF_LOG_WARNING , "No authentication!"); } while (0); |
| 139 | ret = 0; |
| 140 | goto err; |
| 141 | } |
| 142 | |
| 143 | /* If auth null and sys are not disabled by the user, we must enable |
| 144 | * it by default. This is a globally default rule, the user is still |
| 145 | * allowed to disable the two for particular subvolumes. |
| 146 | */ |
| 147 | if (!dict_get (options, "rpc-auth.auth-null")) { |
| 148 | ret = dict_set_str (options, "rpc-auth.auth-null", "on"); |
| 149 | if (ret) |
| 150 | gf_log ("rpc-auth", GF_LOG_DEBUG,do { do { if (0) printf ("dict_set failed for 'auth-nill'"); } while (0); _gf_log ("rpc-auth", "rpcsvc-auth.c", __FUNCTION__ , 151, GF_LOG_DEBUG, "dict_set failed for 'auth-nill'"); } while (0) |
| 151 | "dict_set failed for 'auth-nill'")do { do { if (0) printf ("dict_set failed for 'auth-nill'"); } while (0); _gf_log ("rpc-auth", "rpcsvc-auth.c", __FUNCTION__ , 151, GF_LOG_DEBUG, "dict_set failed for 'auth-nill'"); } while (0); |
| 152 | } |
| 153 | |
| 154 | if (!dict_get (options, "rpc-auth.auth-unix")) { |
| 155 | ret = dict_set_str (options, "rpc-auth.auth-unix", "on"); |
| 156 | if (ret) |
| 157 | gf_log ("rpc-auth", GF_LOG_DEBUG,do { do { if (0) printf ("dict_set failed for 'auth-unix'"); } while (0); _gf_log ("rpc-auth", "rpcsvc-auth.c", __FUNCTION__ , 158, GF_LOG_DEBUG, "dict_set failed for 'auth-unix'"); } while (0) |
| 158 | "dict_set failed for 'auth-unix'")do { do { if (0) printf ("dict_set failed for 'auth-unix'"); } while (0); _gf_log ("rpc-auth", "rpcsvc-auth.c", __FUNCTION__ , 158, GF_LOG_DEBUG, "dict_set failed for 'auth-unix'"); } while (0); |
| 159 | } |
| 160 | |
| 161 | if (!dict_get (options, "rpc-auth.auth-glusterfs")) { |
| 162 | ret = dict_set_str (options, "rpc-auth.auth-glusterfs", "on"); |
| 163 | if (ret) |
| 164 | gf_log ("rpc-auth", GF_LOG_DEBUG,do { do { if (0) printf ("dict_set failed for 'auth-unix'"); } while (0); _gf_log ("rpc-auth", "rpcsvc-auth.c", __FUNCTION__ , 165, GF_LOG_DEBUG, "dict_set failed for 'auth-unix'"); } while (0) |
| 165 | "dict_set failed for 'auth-unix'")do { do { if (0) printf ("dict_set failed for 'auth-unix'"); } while (0); _gf_log ("rpc-auth", "rpcsvc-auth.c", __FUNCTION__ , 165, GF_LOG_DEBUG, "dict_set failed for 'auth-unix'"); } while (0); |
| 166 | } |
| 167 | |
| 168 | list_for_each_entry_safe (auth, tmp, &svc->authschemes, authlist)for (auth = ((typeof(*auth) *)((char *)((&svc->authschemes )->next)-(unsigned long)(&((typeof(*auth) *)0)->authlist ))), tmp = ((typeof(*auth) *)((char *)(auth->authlist.next )-(unsigned long)(&((typeof(*auth) *)0)->authlist))); & auth->authlist != (&svc->authschemes); auth = tmp, tmp = ((typeof(*tmp) *)((char *)(tmp->authlist.next)-(unsigned long)(&((typeof(*tmp) *)0)->authlist)))) { |
| 169 | ret = rpcsvc_auth_init_auth (svc, options, auth); |
| 170 | if (ret == -1) |
| 171 | goto err; |
| 172 | } |
| 173 | |
| 174 | ret = 0; |
| 175 | err: |
| 176 | return ret; |
| 177 | |
| 178 | } |
| 179 | |
| 180 | int |
| 181 | rpcsvc_set_allow_insecure (rpcsvc_t *svc, dict_t *options) |
| 182 | { |
| 183 | int ret = -1; |
| 184 | char *allow_insecure_str = NULL((void*)0); |
| 185 | gf_boolean_t is_allow_insecure = _gf_false; |
| 186 | |
| 187 | GF_ASSERT (svc)do { if (!(svc)) { do { do { if (0) printf ("Assertion failed: " "svc"); } while (0); _gf_log_callingfn ("", "rpcsvc-auth.c", __FUNCTION__, 187, GF_LOG_ERROR, "Assertion failed: " "svc") ; } while (0); } } while (0); |
| 188 | GF_ASSERT (options)do { if (!(options)) { do { do { if (0) printf ("Assertion failed: " "options"); } while (0); _gf_log_callingfn ("", "rpcsvc-auth.c" , __FUNCTION__, 188, GF_LOG_ERROR, "Assertion failed: " "options" ); } while (0); } } while (0); |
| 189 | |
| 190 | ret = dict_get_str (options, "rpc-auth-allow-insecure", |
| 191 | &allow_insecure_str); |
| 192 | if (0 == ret) { |
| 193 | ret = gf_string2boolean (allow_insecure_str, |
| 194 | &is_allow_insecure); |
| 195 | if (0 == ret) { |
| 196 | if (_gf_true == is_allow_insecure) |
| 197 | svc->allow_insecure = 1; |
| 198 | else |
| 199 | svc->allow_insecure = 0; |
| 200 | } |
| 201 | } |
| 202 | |
| 203 | return 0; |
| 204 | } |
| 205 | |
| 206 | int |
| 207 | rpcsvc_set_root_squash (rpcsvc_t *svc, dict_t *options) |
| 208 | { |
| 209 | int ret = -1; |
| 210 | |
| 211 | GF_ASSERT (svc)do { if (!(svc)) { do { do { if (0) printf ("Assertion failed: " "svc"); } while (0); _gf_log_callingfn ("", "rpcsvc-auth.c", __FUNCTION__, 211, GF_LOG_ERROR, "Assertion failed: " "svc") ; } while (0); } } while (0); |
| 212 | GF_ASSERT (options)do { if (!(options)) { do { do { if (0) printf ("Assertion failed: " "options"); } while (0); _gf_log_callingfn ("", "rpcsvc-auth.c" , __FUNCTION__, 212, GF_LOG_ERROR, "Assertion failed: " "options" ); } while (0); } } while (0); |
| 213 | |
| 214 | ret = dict_get_str_boolean (options, "root-squash", 0); |
| 215 | if (ret != -1) |
| 216 | svc->root_squash = ret; |
| 217 | else |
| 218 | svc->root_squash = _gf_false; |
| 219 | |
| 220 | if (svc->root_squash) |
| 221 | gf_log (GF_RPCSVC, GF_LOG_DEBUG, "root squashing enabled ")do { do { if (0) printf ("root squashing enabled "); } while ( 0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 221 , GF_LOG_DEBUG, "root squashing enabled "); } while (0); |
| 222 | |
| 223 | return 0; |
| 224 | } |
| 225 | |
| 226 | int |
| 227 | rpcsvc_auth_init (rpcsvc_t *svc, dict_t *options) |
| 228 | { |
| 229 | int ret = -1; |
| 230 | |
| 231 | if ((!svc) || (!options)) |
| 232 | return -1; |
| 233 | |
| 234 | (void) rpcsvc_set_allow_insecure (svc, options); |
| 235 | (void) rpcsvc_set_root_squash (svc, options); |
| 236 | ret = rpcsvc_auth_add_initers (svc); |
| 237 | if (ret == -1) { |
| 238 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add initers")do { do { if (0) printf ("Failed to add initers"); } while (0 ); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 238 , GF_LOG_ERROR, "Failed to add initers"); } while (0); |
| 239 | goto out; |
| 240 | } |
| 241 | |
| 242 | ret = rpcsvc_auth_init_auths (svc, options); |
| 243 | if (ret == -1) { |
| 244 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to init auth schemes")do { do { if (0) printf ("Failed to init auth schemes"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 244 , GF_LOG_ERROR, "Failed to init auth schemes"); } while (0); |
| 245 | goto out; |
| 246 | } |
| 247 | |
| 248 | out: |
| 249 | return ret; |
| 250 | } |
| 251 | |
| 252 | |
| 253 | rpcsvc_auth_t * |
| 254 | __rpcsvc_auth_get_handler (rpcsvc_request_t *req) |
| 255 | { |
| 256 | struct rpcsvc_auth_list *auth = NULL((void*)0); |
| 257 | struct rpcsvc_auth_list *tmp = NULL((void*)0); |
| 258 | rpcsvc_t *svc = NULL((void*)0); |
| 259 | |
| 260 | if (!req) |
| 261 | return NULL((void*)0); |
| 262 | |
| 263 | svc = req->svc; |
| 264 | if (!svc) { |
| 265 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "!svc")do { do { if (0) printf ("!svc"); } while (0); _gf_log ("rpc-service" , "rpcsvc-auth.c", __FUNCTION__, 265, GF_LOG_ERROR, "!svc"); } while (0); |
| 266 | goto err; |
| 267 | } |
| 268 | |
| 269 | if (list_empty (&svc->authschemes)) { |
| 270 | gf_log (GF_RPCSVC, GF_LOG_WARNING, "No authentication!")do { do { if (0) printf ("No authentication!"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 270, GF_LOG_WARNING , "No authentication!"); } while (0); |
| 271 | goto err; |
| 272 | } |
| 273 | |
| 274 | list_for_each_entry_safe (auth, tmp, &svc->authschemes, authlist)for (auth = ((typeof(*auth) *)((char *)((&svc->authschemes )->next)-(unsigned long)(&((typeof(*auth) *)0)->authlist ))), tmp = ((typeof(*auth) *)((char *)(auth->authlist.next )-(unsigned long)(&((typeof(*auth) *)0)->authlist))); & auth->authlist != (&svc->authschemes); auth = tmp, tmp = ((typeof(*tmp) *)((char *)(tmp->authlist.next)-(unsigned long)(&((typeof(*tmp) *)0)->authlist)))) { |
| 275 | if (!auth->enable) |
| 276 | continue; |
| 277 | if (auth->auth->authnum == req->cred.flavour) |
| 278 | goto err; |
| 279 | |
| 280 | } |
| 281 | |
| 282 | auth = NULL((void*)0); |
| 283 | err: |
| 284 | if (auth) |
| 285 | return auth->auth; |
| 286 | else |
| 287 | return NULL((void*)0); |
| 288 | } |
| 289 | |
| 290 | rpcsvc_auth_t * |
| 291 | rpcsvc_auth_get_handler (rpcsvc_request_t *req) |
| 292 | { |
| 293 | rpcsvc_auth_t *auth = NULL((void*)0); |
| 294 | |
| 295 | auth = __rpcsvc_auth_get_handler (req); |
| 296 | if (auth) |
| 297 | goto ret; |
| 298 | |
| 299 | gf_log (GF_RPCSVC, GF_LOG_TRACE, "No auth handler: %d",do { do { if (0) printf ("No auth handler: %d", req->cred. flavour); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c" , __FUNCTION__, 300, GF_LOG_TRACE, "No auth handler: %d", req ->cred.flavour); } while (0) |
| 300 | req->cred.flavour)do { do { if (0) printf ("No auth handler: %d", req->cred. flavour); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c" , __FUNCTION__, 300, GF_LOG_TRACE, "No auth handler: %d", req ->cred.flavour); } while (0); |
| 301 | |
| 302 | /* The requested scheme was not available so fall back the to one |
| 303 | * scheme that will always be present. |
| 304 | */ |
| 305 | req->cred.flavour = AUTH_NULL0; |
| 306 | req->verf.flavour = AUTH_NULL0; |
| 307 | auth = __rpcsvc_auth_get_handler (req); |
| 308 | ret: |
| 309 | return auth; |
| 310 | } |
| 311 | |
| 312 | |
| 313 | int |
| 314 | rpcsvc_auth_request_init (rpcsvc_request_t *req) |
| 315 | { |
| 316 | int ret = -1; |
| 317 | rpcsvc_auth_t *auth = NULL((void*)0); |
| 318 | |
| 319 | if (!req) |
| 320 | return -1; |
| 321 | |
| 322 | auth = rpcsvc_auth_get_handler (req); |
| 323 | if (!auth) |
| 324 | goto err; |
| 325 | ret = 0; |
| 326 | gf_log (GF_RPCSVC, GF_LOG_TRACE, "Auth handler: %s", auth->authname)do { do { if (0) printf ("Auth handler: %s", auth->authname ); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__ , 326, GF_LOG_TRACE, "Auth handler: %s", auth->authname); } while (0); |
| 327 | if (!auth->authops->request_init) |
| 328 | ret = auth->authops->request_init (req, auth->authprivate); |
| 329 | |
| 330 | err: |
| 331 | return ret; |
| 332 | } |
| 333 | |
| 334 | |
| 335 | int |
| 336 | rpcsvc_authenticate (rpcsvc_request_t *req) |
| 337 | { |
| 338 | int ret = RPCSVC_AUTH_REJECT2; |
| 339 | rpcsvc_auth_t *auth = NULL((void*)0); |
| 340 | int minauth = 0; |
| 341 | |
| 342 | if (!req) |
| 343 | return ret; |
| 344 | |
| 345 | /* FIXME use rpcsvc_request_prog_minauth() */ |
| 346 | minauth = 0; |
| 347 | if (minauth > rpcsvc_request_cred_flavour (req)(((req->cred).flavour))) { |
| 348 | gf_log (GF_RPCSVC, GF_LOG_WARNING, "Auth too weak")do { do { if (0) printf ("Auth too weak"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 348, GF_LOG_WARNING , "Auth too weak"); } while (0); |
| 349 | rpcsvc_request_set_autherr (req, AUTH_TOOWEAK)(req)->auth_err = AUTH_TOOWEAK; |
| 350 | goto err; |
| 351 | } |
| 352 | |
| 353 | auth = rpcsvc_auth_get_handler (req); |
| 354 | if (!auth) { |
| 355 | gf_log (GF_RPCSVC, GF_LOG_WARNING, "No auth handler found")do { do { if (0) printf ("No auth handler found"); } while (0 ); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 355 , GF_LOG_WARNING, "No auth handler found"); } while (0); |
| 356 | goto err; |
| 357 | } |
| 358 | |
| 359 | if (auth->authops->authenticate) |
| 360 | ret = auth->authops->authenticate (req, auth->authprivate); |
| 361 | |
| 362 | err: |
| 363 | return ret; |
| 364 | } |
| 365 | |
| 366 | int |
| 367 | rpcsvc_auth_array (rpcsvc_t *svc, char *volname, int *autharr, int arrlen) |
| 368 | { |
| 369 | int count = 0; |
| 370 | int result = RPCSVC_AUTH_REJECT2; |
| 371 | char *srchstr = NULL((void*)0); |
| 372 | int ret = 0; |
| 373 | |
| 374 | struct rpcsvc_auth_list *auth = NULL((void*)0); |
| 375 | struct rpcsvc_auth_list *tmp = NULL((void*)0); |
| 376 | |
| 377 | if ((!svc) || (!autharr) || (!volname)) |
| 378 | return -1; |
| 379 | |
| 380 | memset (autharr, 0, arrlen * sizeof(int)); |
| 381 | if (list_empty (&svc->authschemes)) { |
| 382 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "No authentication!")do { do { if (0) printf ("No authentication!"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 382, GF_LOG_ERROR , "No authentication!"); } while (0); |
| 383 | goto err; |
| 384 | } |
| 385 | |
| 386 | list_for_each_entry_safe (auth, tmp, &svc->authschemes, authlist)for (auth = ((typeof(*auth) *)((char *)((&svc->authschemes )->next)-(unsigned long)(&((typeof(*auth) *)0)->authlist ))), tmp = ((typeof(*auth) *)((char *)(auth->authlist.next )-(unsigned long)(&((typeof(*auth) *)0)->authlist))); & auth->authlist != (&svc->authschemes); auth = tmp, tmp = ((typeof(*tmp) *)((char *)(tmp->authlist.next)-(unsigned long)(&((typeof(*tmp) *)0)->authlist)))) { |
| 387 | if (count >= arrlen) |
| 388 | break; |
| 389 | |
| 390 | result = gf_asprintf (&srchstr, "rpc-auth.%s.%s", |
| 391 | auth->name, volname); |
| 392 | if (result == -1) { |
| 393 | count = -1; |
| 394 | goto err; |
| 395 | } |
| 396 | |
| 397 | ret = dict_get_str_boolean (svc->options, srchstr, 0xC00FFEE); |
| 398 | GF_FREE (srchstr)__gf_free (srchstr); |
| 399 | |
| 400 | switch (ret) { |
| 401 | case _gf_true: |
| 402 | result = RPCSVC_AUTH_ACCEPT1; |
Value stored to 'result' is never read | |
| 403 | autharr[count] = auth->auth->authnum; |
| 404 | ++count; |
| 405 | break; |
| 406 | case _gf_false: |
| 407 | result = RPCSVC_AUTH_REJECT2; |
| 408 | break; |
| 409 | default: |
| 410 | result = RPCSVC_AUTH_DONTCARE3; |
| 411 | } |
| 412 | } |
| 413 | |
| 414 | err: |
| 415 | return count; |
| 416 | } |
| 417 | |
| 418 | gid_t * |
| 419 | rpcsvc_auth_unix_auxgids (rpcsvc_request_t *req, int *arrlen) |
| 420 | { |
| 421 | if ((!req) || (!arrlen)) |
| 422 | return NULL((void*)0); |
| 423 | |
| 424 | /* In case of AUTH_NULL auxgids are not used */ |
| 425 | switch (req->cred.flavour) { |
| 426 | case AUTH_UNIX1: |
| 427 | case AUTH_GLUSTERFS: |
| 428 | case AUTH_GLUSTERFS_v2: |
| 429 | break; |
| 430 | default: |
| 431 | gf_log ("rpc", GF_LOG_DEBUG, "auth type not unix or glusterfs")do { do { if (0) printf ("auth type not unix or glusterfs"); } while (0); _gf_log ("rpc", "rpcsvc-auth.c", __FUNCTION__, 431 , GF_LOG_DEBUG, "auth type not unix or glusterfs"); } while ( 0); |
| 432 | return NULL((void*)0); |
| 433 | } |
| 434 | |
| 435 | *arrlen = req->auxgidcount; |
| 436 | if (*arrlen == 0) |
| 437 | return NULL((void*)0); |
| 438 | |
| 439 | return &req->auxgids[0]; |
| 440 | } |