diff options
Diffstat (limited to 'rpc/rpc-lib/src/rpcsvc-auth.c')
-rw-r--r-- | rpc/rpc-lib/src/rpcsvc-auth.c | 50 |
1 files changed, 38 insertions, 12 deletions
diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c index 4cb86a758..384e4a75d 100644 --- a/rpc/rpc-lib/src/rpcsvc-auth.c +++ b/rpc/rpc-lib/src/rpcsvc-auth.c @@ -230,6 +230,8 @@ int rpcsvc_set_root_squash (rpcsvc_t *svc, dict_t *options) { int ret = -1; + uid_t anonuid = -1; + gid_t anongid = -1; GF_ASSERT (svc); GF_ASSERT (options); @@ -240,8 +242,21 @@ rpcsvc_set_root_squash (rpcsvc_t *svc, dict_t *options) else svc->root_squash = _gf_false; + ret = dict_get_uint32 (options, "anonuid", &anonuid); + if (!ret) + svc->anonuid = anonuid; + else + svc->anonuid = RPC_NOBODY_UID; + + ret = dict_get_uint32 (options, "anongid", &anongid); + if (!ret) + svc->anongid = anongid; + else + svc->anongid = RPC_NOBODY_GID; + if (svc->root_squash) - gf_log (GF_RPCSVC, GF_LOG_DEBUG, "root squashing enabled "); + gf_log (GF_RPCSVC, GF_LOG_DEBUG, "root squashing enabled " + "(uid=%d, gid=%d)", svc->anonuid, svc->anongid); return 0; } @@ -354,25 +369,36 @@ ret: int -rpcsvc_auth_request_init (rpcsvc_request_t *req) +rpcsvc_auth_request_init (rpcsvc_request_t *req, struct rpc_msg *callmsg) { - int ret = -1; + int32_t ret = 0; rpcsvc_auth_t *auth = NULL; - if (!req) - return -1; + if (!req || !callmsg) { + ret = -1; + goto err; + } + + req->cred.flavour = rpc_call_cred_flavour (callmsg); + req->cred.datalen = rpc_call_cred_len (callmsg); + req->verf.flavour = rpc_call_verf_flavour (callmsg); + req->verf.datalen = rpc_call_verf_len (callmsg); auth = rpcsvc_auth_get_handler (req); - if (!auth) + if (!auth) { + ret = -1; goto err; - ret = 0; + } + gf_log (GF_RPCSVC, GF_LOG_TRACE, "Auth handler: %s", auth->authname); - if (!auth->authops->request_init) - ret = auth->authops->request_init (req, auth->authprivate); - req->auxgids = req->auxgidsmall; /* reset to auxgidlarge during - unsersialize if necessary */ - req->auxgidlarge = NULL; + if (auth->authops->request_init) + ret = auth->authops->request_init (req, auth->authprivate); + + /* reset to auxgidlarge during + unsersialize if necessary */ + req->auxgids = req->auxgidsmall; + req->auxgidlarge = NULL; err: return ret; } |