diff options
Diffstat (limited to 'rpc/rpc-lib/src/rpcsvc-auth.c')
-rw-r--r-- | rpc/rpc-lib/src/rpcsvc-auth.c | 91 |
1 files changed, 89 insertions, 2 deletions
diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c index fcf4617ca9b..558ada509f0 100644 --- a/rpc/rpc-lib/src/rpcsvc-auth.c +++ b/rpc/rpc-lib/src/rpcsvc-auth.c @@ -318,8 +318,8 @@ rpcsvc_authenticate (rpcsvc_request_t *req) if (!req) return ret; - //minauth = rpcsvc_request_prog_minauth (req); - minauth = 1; + /* FIXME use rpcsvc_request_prog_minauth() */ + minauth = 0; if (minauth > rpcsvc_request_cred_flavour (req)) { gf_log (GF_RPCSVC, GF_LOG_WARNING, "Auth too weak"); rpcsvc_request_set_autherr (req, AUTH_TOOWEAK); @@ -339,6 +339,93 @@ err: return ret; } +int +rpcsvc_auth_array (rpcsvc_t *svc, char *volname, int *autharr, int arrlen) +{ + int count = 0; + int gen = RPCSVC_AUTH_REJECT; + int spec = RPCSVC_AUTH_REJECT; + int final = RPCSVC_AUTH_REJECT; + char *srchstr = NULL; + char *valstr = NULL; + gf_boolean_t boolval = _gf_false; + int ret = 0; + + struct rpcsvc_auth_list *auth = NULL; + struct rpcsvc_auth_list *tmp = NULL; + + if ((!svc) || (!autharr) || (!volname)) + return -1; + + memset (autharr, 0, arrlen * sizeof(int)); + if (list_empty (&svc->authschemes)) { + gf_log (GF_RPCSVC, GF_LOG_ERROR, "No authentication!"); + goto err; + } + + list_for_each_entry_safe (auth, tmp, &svc->authschemes, authlist) { + if (count >= arrlen) + break; + + gen = gf_asprintf (&srchstr, "rpc-auth.%s", auth->name); + if (gen == -1) { + count = -1; + goto err; + } + + gen = RPCSVC_AUTH_REJECT; + if (dict_get (svc->options, srchstr)) { + ret = dict_get_str (svc->options, srchstr, &valstr); + if (ret == 0) { + ret = gf_string2boolean (valstr, &boolval); + if (ret == 0) { + if (boolval == _gf_true) + gen = RPCSVC_AUTH_ACCEPT; + } else + gf_log (GF_RPCSVC, GF_LOG_ERROR, "Faile" + "d to read auth val"); + } else + gf_log (GF_RPCSVC, GF_LOG_ERROR, "Faile" + "d to read auth val"); + } + + GF_FREE (srchstr); + spec = gf_asprintf (&srchstr, "rpc-auth.%s.%s", auth->name, + volname); + if (spec == -1) { + count = -1; + goto err; + } + + spec = RPCSVC_AUTH_DONTCARE; + if (dict_get (svc->options, srchstr)) { + ret = dict_get_str (svc->options, srchstr, &valstr); + if (ret == 0) { + ret = gf_string2boolean (valstr, &boolval); + if (ret == 0) { + if (boolval == _gf_true) + spec = RPCSVC_AUTH_ACCEPT; + else + spec = RPCSVC_AUTH_REJECT; + } else + gf_log (GF_RPCSVC, GF_LOG_ERROR, "Faile" + "d to read auth val"); + } else + gf_log (GF_RPCSVC, GF_LOG_ERROR, "Faile" + "d to read auth val"); + } + + GF_FREE (srchstr); + final = rpcsvc_combine_gen_spec_volume_checks (gen, spec); + if (final == RPCSVC_AUTH_ACCEPT) { + autharr[count] = auth->auth->authnum; + ++count; + } + } + +err: + return count; +} gid_t * rpcsvc_auth_unix_auxgids (rpcsvc_request_t *req, int *arrlen) |