File: | rpc/rpc-lib/src/rpcsvc-auth.c |
Location: | line 328, column 23 |
Description: | Called function pointer is null (null dereference) |
1 | /* | |||
2 | Copyright (c) 2008-2012 Red Hat, Inc. <http://www.redhat.com> | |||
3 | This file is part of GlusterFS. | |||
4 | ||||
5 | This file is licensed to you under your choice of the GNU Lesser | |||
6 | General Public License, version 3 or any later version (LGPLv3 or | |||
7 | later), or the GNU General Public License, version 2 (GPLv2), in all | |||
8 | cases as published by the Free Software Foundation. | |||
9 | */ | |||
10 | ||||
11 | #include "rpcsvc.h" | |||
12 | #include "logging.h" | |||
13 | #include "dict.h" | |||
14 | ||||
15 | extern rpcsvc_auth_t * | |||
16 | rpcsvc_auth_null_init (rpcsvc_t *svc, dict_t *options); | |||
17 | ||||
18 | extern rpcsvc_auth_t * | |||
19 | rpcsvc_auth_unix_init (rpcsvc_t *svc, dict_t *options); | |||
20 | ||||
21 | extern rpcsvc_auth_t * | |||
22 | rpcsvc_auth_glusterfs_init (rpcsvc_t *svc, dict_t *options); | |||
23 | extern rpcsvc_auth_t * | |||
24 | rpcsvc_auth_glusterfs_v2_init (rpcsvc_t *svc, dict_t *options); | |||
25 | ||||
26 | int | |||
27 | rpcsvc_auth_add_initer (struct list_head *list, char *idfier, | |||
28 | rpcsvc_auth_initer_t init) | |||
29 | { | |||
30 | struct rpcsvc_auth_list *new = NULL((void*)0); | |||
31 | ||||
32 | if ((!list) || (!init) || (!idfier)) | |||
33 | return -1; | |||
34 | ||||
35 | new = GF_CALLOC (1, sizeof (*new), gf_common_mt_rpcsvc_auth_list)__gf_calloc (1, sizeof (*new), gf_common_mt_rpcsvc_auth_list); | |||
36 | if (!new) { | |||
37 | return -1; | |||
38 | } | |||
39 | ||||
40 | new->init = init; | |||
41 | strcpy (new->name, idfier); | |||
42 | INIT_LIST_HEAD (&new->authlist)do { (&new->authlist)->next = (&new->authlist )->prev = &new->authlist; } while (0); | |||
43 | list_add_tail (&new->authlist, list); | |||
44 | return 0; | |||
45 | } | |||
46 | ||||
47 | ||||
48 | ||||
49 | int | |||
50 | rpcsvc_auth_add_initers (rpcsvc_t *svc) | |||
51 | { | |||
52 | int ret = -1; | |||
53 | ||||
54 | ret = rpcsvc_auth_add_initer (&svc->authschemes, "auth-glusterfs", | |||
55 | (rpcsvc_auth_initer_t) | |||
56 | rpcsvc_auth_glusterfs_init); | |||
57 | if (ret == -1) { | |||
58 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_GLUSTERFS")do { do { if (0) printf ("Failed to add AUTH_GLUSTERFS"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 58 , GF_LOG_ERROR, "Failed to add AUTH_GLUSTERFS"); } while (0); | |||
59 | goto err; | |||
60 | } | |||
61 | ||||
62 | ||||
63 | ret = rpcsvc_auth_add_initer (&svc->authschemes, "auth-glusterfs-v2", | |||
64 | (rpcsvc_auth_initer_t) | |||
65 | rpcsvc_auth_glusterfs_v2_init); | |||
66 | if (ret == -1) { | |||
67 | gf_log (GF_RPCSVC, GF_LOG_ERROR,do { do { if (0) printf ("Failed to add AUTH_GLUSTERFS-v2"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__ , 68, GF_LOG_ERROR, "Failed to add AUTH_GLUSTERFS-v2"); } while (0) | |||
68 | "Failed to add AUTH_GLUSTERFS-v2")do { do { if (0) printf ("Failed to add AUTH_GLUSTERFS-v2"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__ , 68, GF_LOG_ERROR, "Failed to add AUTH_GLUSTERFS-v2"); } while (0); | |||
69 | goto err; | |||
70 | } | |||
71 | ||||
72 | ret = rpcsvc_auth_add_initer (&svc->authschemes, "auth-unix", | |||
73 | (rpcsvc_auth_initer_t) | |||
74 | rpcsvc_auth_unix_init); | |||
75 | if (ret == -1) { | |||
76 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_UNIX")do { do { if (0) printf ("Failed to add AUTH_UNIX"); } while ( 0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 76 , GF_LOG_ERROR, "Failed to add AUTH_UNIX"); } while (0); | |||
77 | goto err; | |||
78 | } | |||
79 | ||||
80 | ret = rpcsvc_auth_add_initer (&svc->authschemes, "auth-null", | |||
81 | (rpcsvc_auth_initer_t) | |||
82 | rpcsvc_auth_null_init); | |||
83 | if (ret == -1) { | |||
84 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_NULL")do { do { if (0) printf ("Failed to add AUTH_NULL"); } while ( 0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 84 , GF_LOG_ERROR, "Failed to add AUTH_NULL"); } while (0); | |||
85 | goto err; | |||
86 | } | |||
87 | ||||
88 | ret = 0; | |||
89 | err: | |||
90 | return ret; | |||
91 | } | |||
92 | ||||
93 | ||||
94 | int | |||
95 | rpcsvc_auth_init_auth (rpcsvc_t *svc, dict_t *options, | |||
96 | struct rpcsvc_auth_list *authitem) | |||
97 | { | |||
98 | int ret = -1; | |||
99 | ||||
100 | if ((!svc) || (!options) || (!authitem)) | |||
101 | return -1; | |||
102 | ||||
103 | if (!authitem->init) { | |||
104 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "No init function defined")do { do { if (0) printf ("No init function defined"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 104 , GF_LOG_ERROR, "No init function defined"); } while (0); | |||
105 | ret = -1; | |||
106 | goto err; | |||
107 | } | |||
108 | ||||
109 | authitem->auth = authitem->init (svc, options); | |||
110 | if (!authitem->auth) { | |||
111 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "Registration of auth failed:"do { do { if (0) printf ("Registration of auth failed:" " %s" , authitem->name); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c" , __FUNCTION__, 112, GF_LOG_ERROR, "Registration of auth failed:" " %s", authitem->name); } while (0) | |||
112 | " %s", authitem->name)do { do { if (0) printf ("Registration of auth failed:" " %s" , authitem->name); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c" , __FUNCTION__, 112, GF_LOG_ERROR, "Registration of auth failed:" " %s", authitem->name); } while (0); | |||
113 | ret = -1; | |||
114 | goto err; | |||
115 | } | |||
116 | ||||
117 | authitem->enable = 1; | |||
118 | gf_log (GF_RPCSVC, GF_LOG_TRACE, "Authentication enabled: %s",do { do { if (0) printf ("Authentication enabled: %s", authitem ->auth->authname); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 119, GF_LOG_TRACE, "Authentication enabled: %s" , authitem->auth->authname); } while (0) | |||
119 | authitem->auth->authname)do { do { if (0) printf ("Authentication enabled: %s", authitem ->auth->authname); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 119, GF_LOG_TRACE, "Authentication enabled: %s" , authitem->auth->authname); } while (0); | |||
120 | ||||
121 | ret = 0; | |||
122 | err: | |||
123 | return ret; | |||
124 | } | |||
125 | ||||
126 | ||||
127 | int | |||
128 | rpcsvc_auth_init_auths (rpcsvc_t *svc, dict_t *options) | |||
129 | { | |||
130 | int ret = -1; | |||
131 | struct rpcsvc_auth_list *auth = NULL((void*)0); | |||
132 | struct rpcsvc_auth_list *tmp = NULL((void*)0); | |||
133 | ||||
134 | if (!svc) | |||
135 | return -1; | |||
136 | ||||
137 | if (list_empty (&svc->authschemes)) { | |||
138 | gf_log (GF_RPCSVC, GF_LOG_WARNING, "No authentication!")do { do { if (0) printf ("No authentication!"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 138, GF_LOG_WARNING , "No authentication!"); } while (0); | |||
139 | ret = 0; | |||
140 | goto err; | |||
141 | } | |||
142 | ||||
143 | /* If auth null and sys are not disabled by the user, we must enable | |||
144 | * it by default. This is a globally default rule, the user is still | |||
145 | * allowed to disable the two for particular subvolumes. | |||
146 | */ | |||
147 | if (!dict_get (options, "rpc-auth.auth-null")) { | |||
148 | ret = dict_set_str (options, "rpc-auth.auth-null", "on"); | |||
149 | if (ret) | |||
150 | gf_log ("rpc-auth", GF_LOG_DEBUG,do { do { if (0) printf ("dict_set failed for 'auth-nill'"); } while (0); _gf_log ("rpc-auth", "rpcsvc-auth.c", __FUNCTION__ , 151, GF_LOG_DEBUG, "dict_set failed for 'auth-nill'"); } while (0) | |||
151 | "dict_set failed for 'auth-nill'")do { do { if (0) printf ("dict_set failed for 'auth-nill'"); } while (0); _gf_log ("rpc-auth", "rpcsvc-auth.c", __FUNCTION__ , 151, GF_LOG_DEBUG, "dict_set failed for 'auth-nill'"); } while (0); | |||
152 | } | |||
153 | ||||
154 | if (!dict_get (options, "rpc-auth.auth-unix")) { | |||
155 | ret = dict_set_str (options, "rpc-auth.auth-unix", "on"); | |||
156 | if (ret) | |||
157 | gf_log ("rpc-auth", GF_LOG_DEBUG,do { do { if (0) printf ("dict_set failed for 'auth-unix'"); } while (0); _gf_log ("rpc-auth", "rpcsvc-auth.c", __FUNCTION__ , 158, GF_LOG_DEBUG, "dict_set failed for 'auth-unix'"); } while (0) | |||
158 | "dict_set failed for 'auth-unix'")do { do { if (0) printf ("dict_set failed for 'auth-unix'"); } while (0); _gf_log ("rpc-auth", "rpcsvc-auth.c", __FUNCTION__ , 158, GF_LOG_DEBUG, "dict_set failed for 'auth-unix'"); } while (0); | |||
159 | } | |||
160 | ||||
161 | if (!dict_get (options, "rpc-auth.auth-glusterfs")) { | |||
162 | ret = dict_set_str (options, "rpc-auth.auth-glusterfs", "on"); | |||
163 | if (ret) | |||
164 | gf_log ("rpc-auth", GF_LOG_DEBUG,do { do { if (0) printf ("dict_set failed for 'auth-unix'"); } while (0); _gf_log ("rpc-auth", "rpcsvc-auth.c", __FUNCTION__ , 165, GF_LOG_DEBUG, "dict_set failed for 'auth-unix'"); } while (0) | |||
165 | "dict_set failed for 'auth-unix'")do { do { if (0) printf ("dict_set failed for 'auth-unix'"); } while (0); _gf_log ("rpc-auth", "rpcsvc-auth.c", __FUNCTION__ , 165, GF_LOG_DEBUG, "dict_set failed for 'auth-unix'"); } while (0); | |||
166 | } | |||
167 | ||||
168 | list_for_each_entry_safe (auth, tmp, &svc->authschemes, authlist)for (auth = ((typeof(*auth) *)((char *)((&svc->authschemes )->next)-(unsigned long)(&((typeof(*auth) *)0)->authlist ))), tmp = ((typeof(*auth) *)((char *)(auth->authlist.next )-(unsigned long)(&((typeof(*auth) *)0)->authlist))); & auth->authlist != (&svc->authschemes); auth = tmp, tmp = ((typeof(*tmp) *)((char *)(tmp->authlist.next)-(unsigned long)(&((typeof(*tmp) *)0)->authlist)))) { | |||
169 | ret = rpcsvc_auth_init_auth (svc, options, auth); | |||
170 | if (ret == -1) | |||
171 | goto err; | |||
172 | } | |||
173 | ||||
174 | ret = 0; | |||
175 | err: | |||
176 | return ret; | |||
177 | ||||
178 | } | |||
179 | ||||
180 | int | |||
181 | rpcsvc_set_allow_insecure (rpcsvc_t *svc, dict_t *options) | |||
182 | { | |||
183 | int ret = -1; | |||
184 | char *allow_insecure_str = NULL((void*)0); | |||
185 | gf_boolean_t is_allow_insecure = _gf_false; | |||
186 | ||||
187 | GF_ASSERT (svc)do { if (!(svc)) { do { do { if (0) printf ("Assertion failed: " "svc"); } while (0); _gf_log_callingfn ("", "rpcsvc-auth.c", __FUNCTION__, 187, GF_LOG_ERROR, "Assertion failed: " "svc") ; } while (0); } } while (0); | |||
188 | GF_ASSERT (options)do { if (!(options)) { do { do { if (0) printf ("Assertion failed: " "options"); } while (0); _gf_log_callingfn ("", "rpcsvc-auth.c" , __FUNCTION__, 188, GF_LOG_ERROR, "Assertion failed: " "options" ); } while (0); } } while (0); | |||
189 | ||||
190 | ret = dict_get_str (options, "rpc-auth-allow-insecure", | |||
191 | &allow_insecure_str); | |||
192 | if (0 == ret) { | |||
193 | ret = gf_string2boolean (allow_insecure_str, | |||
194 | &is_allow_insecure); | |||
195 | if (0 == ret) { | |||
196 | if (_gf_true == is_allow_insecure) | |||
197 | svc->allow_insecure = 1; | |||
198 | else | |||
199 | svc->allow_insecure = 0; | |||
200 | } | |||
201 | } | |||
202 | ||||
203 | return 0; | |||
204 | } | |||
205 | ||||
206 | int | |||
207 | rpcsvc_set_root_squash (rpcsvc_t *svc, dict_t *options) | |||
208 | { | |||
209 | int ret = -1; | |||
210 | ||||
211 | GF_ASSERT (svc)do { if (!(svc)) { do { do { if (0) printf ("Assertion failed: " "svc"); } while (0); _gf_log_callingfn ("", "rpcsvc-auth.c", __FUNCTION__, 211, GF_LOG_ERROR, "Assertion failed: " "svc") ; } while (0); } } while (0); | |||
212 | GF_ASSERT (options)do { if (!(options)) { do { do { if (0) printf ("Assertion failed: " "options"); } while (0); _gf_log_callingfn ("", "rpcsvc-auth.c" , __FUNCTION__, 212, GF_LOG_ERROR, "Assertion failed: " "options" ); } while (0); } } while (0); | |||
213 | ||||
214 | ret = dict_get_str_boolean (options, "root-squash", 0); | |||
215 | if (ret != -1) | |||
216 | svc->root_squash = ret; | |||
217 | else | |||
218 | svc->root_squash = _gf_false; | |||
219 | ||||
220 | if (svc->root_squash) | |||
221 | gf_log (GF_RPCSVC, GF_LOG_DEBUG, "root squashing enabled ")do { do { if (0) printf ("root squashing enabled "); } while ( 0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 221 , GF_LOG_DEBUG, "root squashing enabled "); } while (0); | |||
222 | ||||
223 | return 0; | |||
224 | } | |||
225 | ||||
226 | int | |||
227 | rpcsvc_auth_init (rpcsvc_t *svc, dict_t *options) | |||
228 | { | |||
229 | int ret = -1; | |||
230 | ||||
231 | if ((!svc) || (!options)) | |||
232 | return -1; | |||
233 | ||||
234 | (void) rpcsvc_set_allow_insecure (svc, options); | |||
235 | (void) rpcsvc_set_root_squash (svc, options); | |||
236 | ret = rpcsvc_auth_add_initers (svc); | |||
237 | if (ret == -1) { | |||
238 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add initers")do { do { if (0) printf ("Failed to add initers"); } while (0 ); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 238 , GF_LOG_ERROR, "Failed to add initers"); } while (0); | |||
239 | goto out; | |||
240 | } | |||
241 | ||||
242 | ret = rpcsvc_auth_init_auths (svc, options); | |||
243 | if (ret == -1) { | |||
244 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to init auth schemes")do { do { if (0) printf ("Failed to init auth schemes"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 244 , GF_LOG_ERROR, "Failed to init auth schemes"); } while (0); | |||
245 | goto out; | |||
246 | } | |||
247 | ||||
248 | out: | |||
249 | return ret; | |||
250 | } | |||
251 | ||||
252 | ||||
253 | rpcsvc_auth_t * | |||
254 | __rpcsvc_auth_get_handler (rpcsvc_request_t *req) | |||
255 | { | |||
256 | struct rpcsvc_auth_list *auth = NULL((void*)0); | |||
257 | struct rpcsvc_auth_list *tmp = NULL((void*)0); | |||
258 | rpcsvc_t *svc = NULL((void*)0); | |||
259 | ||||
260 | if (!req) | |||
261 | return NULL((void*)0); | |||
262 | ||||
263 | svc = req->svc; | |||
264 | if (!svc) { | |||
265 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "!svc")do { do { if (0) printf ("!svc"); } while (0); _gf_log ("rpc-service" , "rpcsvc-auth.c", __FUNCTION__, 265, GF_LOG_ERROR, "!svc"); } while (0); | |||
266 | goto err; | |||
267 | } | |||
268 | ||||
269 | if (list_empty (&svc->authschemes)) { | |||
270 | gf_log (GF_RPCSVC, GF_LOG_WARNING, "No authentication!")do { do { if (0) printf ("No authentication!"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 270, GF_LOG_WARNING , "No authentication!"); } while (0); | |||
271 | goto err; | |||
272 | } | |||
273 | ||||
274 | list_for_each_entry_safe (auth, tmp, &svc->authschemes, authlist)for (auth = ((typeof(*auth) *)((char *)((&svc->authschemes )->next)-(unsigned long)(&((typeof(*auth) *)0)->authlist ))), tmp = ((typeof(*auth) *)((char *)(auth->authlist.next )-(unsigned long)(&((typeof(*auth) *)0)->authlist))); & auth->authlist != (&svc->authschemes); auth = tmp, tmp = ((typeof(*tmp) *)((char *)(tmp->authlist.next)-(unsigned long)(&((typeof(*tmp) *)0)->authlist)))) { | |||
275 | if (!auth->enable) | |||
276 | continue; | |||
277 | if (auth->auth->authnum == req->cred.flavour) | |||
278 | goto err; | |||
279 | ||||
280 | } | |||
281 | ||||
282 | auth = NULL((void*)0); | |||
283 | err: | |||
284 | if (auth) | |||
285 | return auth->auth; | |||
286 | else | |||
287 | return NULL((void*)0); | |||
288 | } | |||
289 | ||||
290 | rpcsvc_auth_t * | |||
291 | rpcsvc_auth_get_handler (rpcsvc_request_t *req) | |||
292 | { | |||
293 | rpcsvc_auth_t *auth = NULL((void*)0); | |||
294 | ||||
295 | auth = __rpcsvc_auth_get_handler (req); | |||
296 | if (auth) | |||
297 | goto ret; | |||
298 | ||||
299 | gf_log (GF_RPCSVC, GF_LOG_TRACE, "No auth handler: %d",do { do { if (0) printf ("No auth handler: %d", req->cred. flavour); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c" , __FUNCTION__, 300, GF_LOG_TRACE, "No auth handler: %d", req ->cred.flavour); } while (0) | |||
300 | req->cred.flavour)do { do { if (0) printf ("No auth handler: %d", req->cred. flavour); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c" , __FUNCTION__, 300, GF_LOG_TRACE, "No auth handler: %d", req ->cred.flavour); } while (0); | |||
301 | ||||
302 | /* The requested scheme was not available so fall back the to one | |||
303 | * scheme that will always be present. | |||
304 | */ | |||
305 | req->cred.flavour = AUTH_NULL0; | |||
306 | req->verf.flavour = AUTH_NULL0; | |||
307 | auth = __rpcsvc_auth_get_handler (req); | |||
308 | ret: | |||
309 | return auth; | |||
310 | } | |||
311 | ||||
312 | ||||
313 | int | |||
314 | rpcsvc_auth_request_init (rpcsvc_request_t *req) | |||
315 | { | |||
316 | int ret = -1; | |||
317 | rpcsvc_auth_t *auth = NULL((void*)0); | |||
318 | ||||
319 | if (!req) | |||
| ||||
320 | return -1; | |||
321 | ||||
322 | auth = rpcsvc_auth_get_handler (req); | |||
323 | if (!auth) | |||
324 | goto err; | |||
325 | ret = 0; | |||
326 | gf_log (GF_RPCSVC, GF_LOG_TRACE, "Auth handler: %s", auth->authname)do { do { if (0) printf ("Auth handler: %s", auth->authname ); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__ , 326, GF_LOG_TRACE, "Auth handler: %s", auth->authname); } while (0); | |||
327 | if (!auth->authops->request_init) | |||
328 | ret = auth->authops->request_init (req, auth->authprivate); | |||
| ||||
329 | ||||
330 | err: | |||
331 | return ret; | |||
332 | } | |||
333 | ||||
334 | ||||
335 | int | |||
336 | rpcsvc_authenticate (rpcsvc_request_t *req) | |||
337 | { | |||
338 | int ret = RPCSVC_AUTH_REJECT2; | |||
339 | rpcsvc_auth_t *auth = NULL((void*)0); | |||
340 | int minauth = 0; | |||
341 | ||||
342 | if (!req) | |||
343 | return ret; | |||
344 | ||||
345 | /* FIXME use rpcsvc_request_prog_minauth() */ | |||
346 | minauth = 0; | |||
347 | if (minauth > rpcsvc_request_cred_flavour (req)(((req->cred).flavour))) { | |||
348 | gf_log (GF_RPCSVC, GF_LOG_WARNING, "Auth too weak")do { do { if (0) printf ("Auth too weak"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 348, GF_LOG_WARNING , "Auth too weak"); } while (0); | |||
349 | rpcsvc_request_set_autherr (req, AUTH_TOOWEAK)(req)->auth_err = AUTH_TOOWEAK; | |||
350 | goto err; | |||
351 | } | |||
352 | ||||
353 | auth = rpcsvc_auth_get_handler (req); | |||
354 | if (!auth) { | |||
355 | gf_log (GF_RPCSVC, GF_LOG_WARNING, "No auth handler found")do { do { if (0) printf ("No auth handler found"); } while (0 ); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 355 , GF_LOG_WARNING, "No auth handler found"); } while (0); | |||
356 | goto err; | |||
357 | } | |||
358 | ||||
359 | if (auth->authops->authenticate) | |||
360 | ret = auth->authops->authenticate (req, auth->authprivate); | |||
361 | ||||
362 | err: | |||
363 | return ret; | |||
364 | } | |||
365 | ||||
366 | int | |||
367 | rpcsvc_auth_array (rpcsvc_t *svc, char *volname, int *autharr, int arrlen) | |||
368 | { | |||
369 | int count = 0; | |||
370 | int result = RPCSVC_AUTH_REJECT2; | |||
371 | char *srchstr = NULL((void*)0); | |||
372 | int ret = 0; | |||
373 | ||||
374 | struct rpcsvc_auth_list *auth = NULL((void*)0); | |||
375 | struct rpcsvc_auth_list *tmp = NULL((void*)0); | |||
376 | ||||
377 | if ((!svc) || (!autharr) || (!volname)) | |||
378 | return -1; | |||
379 | ||||
380 | memset (autharr, 0, arrlen * sizeof(int)); | |||
381 | if (list_empty (&svc->authschemes)) { | |||
382 | gf_log (GF_RPCSVC, GF_LOG_ERROR, "No authentication!")do { do { if (0) printf ("No authentication!"); } while (0); _gf_log ("rpc-service", "rpcsvc-auth.c", __FUNCTION__, 382, GF_LOG_ERROR , "No authentication!"); } while (0); | |||
383 | goto err; | |||
384 | } | |||
385 | ||||
386 | list_for_each_entry_safe (auth, tmp, &svc->authschemes, authlist)for (auth = ((typeof(*auth) *)((char *)((&svc->authschemes )->next)-(unsigned long)(&((typeof(*auth) *)0)->authlist ))), tmp = ((typeof(*auth) *)((char *)(auth->authlist.next )-(unsigned long)(&((typeof(*auth) *)0)->authlist))); & auth->authlist != (&svc->authschemes); auth = tmp, tmp = ((typeof(*tmp) *)((char *)(tmp->authlist.next)-(unsigned long)(&((typeof(*tmp) *)0)->authlist)))) { | |||
387 | if (count >= arrlen) | |||
388 | break; | |||
389 | ||||
390 | result = gf_asprintf (&srchstr, "rpc-auth.%s.%s", | |||
391 | auth->name, volname); | |||
392 | if (result == -1) { | |||
393 | count = -1; | |||
394 | goto err; | |||
395 | } | |||
396 | ||||
397 | ret = dict_get_str_boolean (svc->options, srchstr, 0xC00FFEE); | |||
398 | GF_FREE (srchstr)__gf_free (srchstr); | |||
399 | ||||
400 | switch (ret) { | |||
401 | case _gf_true: | |||
402 | result = RPCSVC_AUTH_ACCEPT1; | |||
403 | autharr[count] = auth->auth->authnum; | |||
404 | ++count; | |||
405 | break; | |||
406 | case _gf_false: | |||
407 | result = RPCSVC_AUTH_REJECT2; | |||
408 | break; | |||
409 | default: | |||
410 | result = RPCSVC_AUTH_DONTCARE3; | |||
411 | } | |||
412 | } | |||
413 | ||||
414 | err: | |||
415 | return count; | |||
416 | } | |||
417 | ||||
418 | gid_t * | |||
419 | rpcsvc_auth_unix_auxgids (rpcsvc_request_t *req, int *arrlen) | |||
420 | { | |||
421 | if ((!req) || (!arrlen)) | |||
422 | return NULL((void*)0); | |||
423 | ||||
424 | /* In case of AUTH_NULL auxgids are not used */ | |||
425 | switch (req->cred.flavour) { | |||
426 | case AUTH_UNIX1: | |||
427 | case AUTH_GLUSTERFS: | |||
428 | case AUTH_GLUSTERFS_v2: | |||
429 | break; | |||
430 | default: | |||
431 | gf_log ("rpc", GF_LOG_DEBUG, "auth type not unix or glusterfs")do { do { if (0) printf ("auth type not unix or glusterfs"); } while (0); _gf_log ("rpc", "rpcsvc-auth.c", __FUNCTION__, 431 , GF_LOG_DEBUG, "auth type not unix or glusterfs"); } while ( 0); | |||
432 | return NULL((void*)0); | |||
433 | } | |||
434 | ||||
435 | *arrlen = req->auxgidcount; | |||
436 | if (*arrlen == 0) | |||
437 | return NULL((void*)0); | |||
438 | ||||
439 | return &req->auxgids[0]; | |||
440 | } |