diff options
Diffstat (limited to 'rpc/rpc-lib/src')
-rw-r--r-- | rpc/rpc-lib/src/rpcsvc-auth.c | 43 | ||||
-rw-r--r-- | rpc/rpc-lib/src/rpcsvc-common.h | 1 | ||||
-rw-r--r-- | rpc/rpc-lib/src/rpcsvc.h | 16 |
3 files changed, 60 insertions, 0 deletions
diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c index da260ade0c0..7c45c9b2a97 100644 --- a/rpc/rpc-lib/src/rpcsvc-auth.c +++ b/rpc/rpc-lib/src/rpcsvc-auth.c @@ -274,6 +274,44 @@ rpcsvc_set_root_squash(rpcsvc_t *svc, dict_t *options) } int +rpcsvc_set_all_squash(rpcsvc_t *svc, dict_t *options) +{ + int ret = -1; + + uid_t anonuid = -1; + gid_t anongid = -1; + + GF_ASSERT(svc); + GF_ASSERT(options); + + ret = dict_get_str_boolean(options, "all-squash", 0); + if (ret != -1) + svc->all_squash = ret; + else + svc->all_squash = _gf_false; + + ret = dict_get_uint32(options, "anonuid", &anonuid); + if (!ret) + svc->anonuid = anonuid; + else + svc->anonuid = RPC_NOBODY_UID; + + ret = dict_get_uint32(options, "anongid", &anongid); + if (!ret) + svc->anongid = anongid; + else + svc->anongid = RPC_NOBODY_GID; + + if (svc->all_squash) + gf_log(GF_RPCSVC, GF_LOG_DEBUG, + "all squashing enabled " + "(uid=%d, gid=%d)", + svc->anonuid, svc->anongid); + + return 0; +} + +int rpcsvc_auth_init(rpcsvc_t *svc, dict_t *options) { int ret = -1; @@ -283,6 +321,7 @@ rpcsvc_auth_init(rpcsvc_t *svc, dict_t *options) (void)rpcsvc_set_allow_insecure(svc, options); (void)rpcsvc_set_root_squash(svc, options); + (void)rpcsvc_set_all_squash(svc, options); (void)rpcsvc_set_addr_namelookup(svc, options); ret = rpcsvc_auth_add_initers(svc); if (ret == -1) { @@ -316,6 +355,10 @@ rpcsvc_auth_reconf(rpcsvc_t *svc, dict_t *options) if (ret) return (-1); + ret = rpcsvc_set_all_squash(svc, options); + if (ret) + return (-1); + return rpcsvc_set_addr_namelookup(svc, options); } diff --git a/rpc/rpc-lib/src/rpcsvc-common.h b/rpc/rpc-lib/src/rpcsvc-common.h index 56200b38faa..361f31c27f2 100644 --- a/rpc/rpc-lib/src/rpcsvc-common.h +++ b/rpc/rpc-lib/src/rpcsvc-common.h @@ -79,6 +79,7 @@ typedef struct rpcsvc_state { gf_boolean_t allow_insecure; gf_boolean_t register_portmap; gf_boolean_t root_squash; + gf_boolean_t all_squash; } rpcsvc_t; /* DRC START */ diff --git a/rpc/rpc-lib/src/rpcsvc.h b/rpc/rpc-lib/src/rpcsvc.h index b296f9a4bde..3e25ef3a8e9 100644 --- a/rpc/rpc-lib/src/rpcsvc.h +++ b/rpc/rpc-lib/src/rpcsvc.h @@ -316,6 +316,20 @@ struct rpcsvc_request { } \ } while (0); +#define RPC_AUTH_ALL_SQUASH(req) \ + do { \ + int gidcount = 0; \ + if (req->svc->all_squash) { \ + req->uid = req->svc->anonuid; \ + req->gid = req->svc->anongid; \ + \ + for (gidcount = 0; gidcount < req->auxgidcount; ++gidcount) { \ + if (!req->auxgids[gidcount]) \ + req->auxgids[gidcount] = req->svc->anongid; \ + } \ + } \ + } while (0); + #define RPCSVC_ACTOR_SUCCESS 0 #define RPCSVC_ACTOR_ERROR (-1) #define RPCSVC_ACTOR_IGNORE (-2) @@ -659,6 +673,8 @@ rpcsvc_set_addr_namelookup(rpcsvc_t *svc, dict_t *options); int rpcsvc_set_root_squash(rpcsvc_t *svc, dict_t *options); int +rpcsvc_set_all_squash(rpcsvc_t *svc, dict_t *options); +int rpcsvc_set_outstanding_rpc_limit(rpcsvc_t *svc, dict_t *options, int defvalue); int |