Diffstat (limited to 'rpc/rpc-lib')
-rw-r--r-- | rpc/rpc-lib/src/Makefile.am | 4 | ||||
-rw-r--r-- | rpc/rpc-lib/src/auth-glusterfs.c | 216 | ||||
-rw-r--r-- | rpc/rpc-lib/src/auth-null.c | 4 | ||||
-rw-r--r-- | rpc/rpc-lib/src/auth-unix.c | 2 | ||||
-rw-r--r-- | rpc/rpc-lib/src/rpc-clnt.c | 69 | ||||
-rw-r--r-- | rpc/rpc-lib/src/rpc-clnt.h | 9 | ||||
-rw-r--r-- | rpc/rpc-lib/src/rpc-common.c | 141 | ||||
-rw-r--r-- | rpc/rpc-lib/src/rpcsvc-auth.c | 20 | ||||
-rw-r--r-- | rpc/rpc-lib/src/rpcsvc.c | 4 | ||||
-rw-r--r-- | rpc/rpc-lib/src/rpcsvc.h | 13 | ||||
-rw-r--r-- | rpc/rpc-lib/src/xdr-common.h | 48 | ||||
-rw-r--r-- | rpc/rpc-lib/src/xdr-rpc.h | 9 |
12 files changed, 202 insertions, 337 deletions
diff --git a/rpc/rpc-lib/src/Makefile.am b/rpc/rpc-lib/src/Makefile.am index fcf091e9b0c..8b087301c63 100644 --- a/rpc/rpc-lib/src/Makefile.am +++ b/rpc/rpc-lib/src/Makefile.am @@ -1,8 +1,8 @@ lib_LTLIBRARIES = libgfrpc.la libgfrpc_la_SOURCES = auth-unix.c rpcsvc-auth.c rpcsvc.c auth-null.c \ - rpc-transport.c xdr-rpc.c xdr-rpcclnt.c rpc-clnt.c auth-glusterfs.c \ - rpc-common.c + rpc-transport.c xdr-rpc.c xdr-rpcclnt.c rpc-clnt.c auth-glusterfs.c + libgfrpc_la_LIBADD = $(top_builddir)/libglusterfs/src/libglusterfs.la noinst_HEADERS = rpcsvc.h rpc-transport.h xdr-common.h xdr-rpc.h xdr-rpcclnt.h \ diff --git a/rpc/rpc-lib/src/auth-glusterfs.c b/rpc/rpc-lib/src/auth-glusterfs.c index 4faaddb9e7b..9996bfad458 100644 --- a/rpc/rpc-lib/src/auth-glusterfs.c +++ b/rpc/rpc-lib/src/auth-glusterfs.c 
@@ -29,94 +29,9 @@ #include "dict.h" #include "xdr-rpc.h" #include "xdr-common.h" +#include "rpc-common-xdr.h" -bool_t -xdr_auth_glusterfs_parms (XDR *xdrs, auth_glusterfs_parms *objp) -{ - register int32_t *buf; - - int i; - - if (xdrs->x_op == XDR_ENCODE) { - if (!xdr_u_quad_t (xdrs, &objp->lk_owner)) - return FALSE; - buf = XDR_INLINE (xdrs, (4 + 16 )* BYTES_PER_XDR_UNIT); - if (buf == NULL) { - if (!xdr_u_int (xdrs, &objp->pid)) - return FALSE; - if (!xdr_u_int (xdrs, &objp->uid)) - return FALSE; - if (!xdr_u_int (xdrs, &objp->gid)) - return FALSE; - if (!xdr_u_int (xdrs, &objp->ngrps)) - return FALSE; - if (!xdr_vector (xdrs, (char *)objp->groups, 16, - sizeof (u_int), (xdrproc_t) xdr_u_int)) - return FALSE; - } else { - IXDR_PUT_U_LONG(buf, objp->pid); - IXDR_PUT_U_LONG(buf, objp->uid); - IXDR_PUT_U_LONG(buf, objp->gid); - IXDR_PUT_U_LONG(buf, objp->ngrps); - { - register u_int *genp; - - for (i = 0, genp = objp->groups; - i < 16; ++i) { - IXDR_PUT_U_LONG(buf, *genp++); - } - } - } - return TRUE; - } else if (xdrs->x_op == XDR_DECODE) { - if (!xdr_u_quad_t (xdrs, &objp->lk_owner)) - return FALSE; - buf = XDR_INLINE (xdrs, (4 + 16 )* BYTES_PER_XDR_UNIT); - if (buf == NULL) { - if (!xdr_u_int (xdrs, &objp->pid)) - return FALSE; - if (!xdr_u_int (xdrs, &objp->uid)) - return FALSE; - if (!xdr_u_int (xdrs, &objp->gid)) - return FALSE; - if (!xdr_u_int (xdrs, &objp->ngrps)) - return FALSE; - if (!xdr_vector (xdrs, (char *)objp->groups, 16, - sizeof (u_int), (xdrproc_t) xdr_u_int)) - return FALSE; - } else { - objp->pid = IXDR_GET_U_LONG(buf); - objp->uid = IXDR_GET_U_LONG(buf); - objp->gid = IXDR_GET_U_LONG(buf); - objp->ngrps = IXDR_GET_U_LONG(buf); - { - register u_int *genp; - - for (i = 0, genp = objp->groups; - i < 16; ++i) { - *genp++ = IXDR_GET_U_LONG(buf); - } - } - } - return TRUE; - } - - if (!xdr_u_quad_t (xdrs, &objp->lk_owner)) - return FALSE; - if (!xdr_u_int (xdrs, &objp->pid)) - return FALSE; - if (!xdr_u_int (xdrs, &objp->uid)) - return FALSE; - if 
(!xdr_u_int (xdrs, &objp->gid)) - return FALSE; - if (!xdr_u_int (xdrs, &objp->ngrps)) - return FALSE; - if (!xdr_vector (xdrs, (char *)objp->groups, 16, - sizeof (u_int), (xdrproc_t) xdr_u_int)) - return FALSE; - return TRUE; -} - +/* V1 */ ssize_t xdr_to_glusterfs_auth (char *buf, struct auth_glusterfs_parms *req) @@ -146,7 +61,7 @@ auth_glusterfs_request_init (rpcsvc_request_t *req, void *priv) { if (!req) return -1; - memset (req->verf.authdata, 0, RPCSVC_MAX_AUTH_BYTES); + memset (req->verf.authdata, 0, GF_MAX_AUTH_BYTES); req->verf.datalen = 0; req->verf.flavour = AUTH_NULL; @@ -155,9 +70,12 @@ auth_glusterfs_request_init (rpcsvc_request_t *req, void *priv) int auth_glusterfs_authenticate (rpcsvc_request_t *req, void *priv) { - int ret = RPCSVC_AUTH_REJECT; struct auth_glusterfs_parms au = {0,}; - int gidcount = 0; + + int ret = RPCSVC_AUTH_REJECT; + int gidcount = 0; + int j = 0; + int i = 0; if (!req) return ret; @@ -173,7 +91,11 @@ int auth_glusterfs_authenticate (rpcsvc_request_t *req, void *priv) req->pid = au.pid; req->uid = au.uid; req->gid = au.gid; - req->lk_owner = au.lk_owner; + req->lk_owner.len = 8; + { + for (i = 0; i < req->lk_owner.len; i++, j += 8) + req->lk_owner.data[i] = (char)((au.lk_owner >> j) & 0xff); + } req->auxgidcount = au.ngrps; if (req->auxgidcount > 16) { @@ -187,8 +109,8 @@ int auth_glusterfs_authenticate (rpcsvc_request_t *req, void *priv) req->auxgids[gidcount] = au.groups[gidcount]; gf_log (GF_RPCSVC, GF_LOG_TRACE, "Auth Info: pid: %u, uid: %d" - ", gid: %d, owner: %"PRId64, - req->pid, req->uid, req->gid, req->lk_owner); + ", gid: %d, owner: %s", + req->pid, req->uid, req->gid, lkowner_utoa (&req->lk_owner)); ret = RPCSVC_AUTH_ACCEPT; err: return ret; 
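Review bot: In auth_glusterfs_authenticate the group count is narrowed to a signed int before it is bounds-checked: `req->auxgidcount = au.ngrps;` is followed by `if (req->auxgidcount > 16)`. If ngrps is still the unsigned field that the removed struct declared, a wire value above INT_MAX becomes negative and passes the check; comparing the decoded value first, `if (au.ngrps > 16)`, avoids that. The literal 16 and the new `req->lk_owner.len = 8` would read better as named constants, and 16 now has to stay at or below GF_MAX_AUX_GROUPS, which sizes auxgids in rpcsvc.h. The copy loop's header lies between the hunks and is not visible here.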
@@ -213,3 +135,111 @@ rpcsvc_auth_glusterfs_init (rpcsvc_t *svc, dict_t *options) { return &rpcsvc_auth_glusterfs; } + +/* V2 */ + +ssize_t +xdr_to_glusterfs_auth_v2 (char *buf, struct auth_glusterfs_parms_v2 *req) +{ + XDR xdr; + ssize_t ret = -1; + + if ((!buf) || (!req)) + return -1; + + xdrmem_create (&xdr, buf, GF_MAX_AUTH_BYTES, XDR_DECODE); + if (!xdr_auth_glusterfs_parms_v2 (&xdr, req)) { + gf_log ("", GF_LOG_WARNING, + "failed to decode glusterfs v2 parameters"); + ret = -1; + goto ret; + } + + ret = (((size_t)(&xdr)->x_private) - ((size_t)(&xdr)->x_base)); +ret: + return ret; + +} +int +auth_glusterfs_v2_request_init (rpcsvc_request_t *req, void *priv) +{ + if (!req) + return -1; + memset (req->verf.authdata, 0, GF_MAX_AUTH_BYTES); + req->verf.datalen = 0; + req->verf.flavour = AUTH_NULL; + + return 0; +} + +int auth_glusterfs_v2_authenticate (rpcsvc_request_t *req, void *priv) +{ + struct auth_glusterfs_parms_v2 au = {0,}; + int ret = RPCSVC_AUTH_REJECT; + int i = 0; + + if (!req) + return ret; + + ret = xdr_to_glusterfs_auth_v2 (req->cred.authdata, &au); + if (ret == -1) { + gf_log ("", GF_LOG_WARNING, + "failed to decode glusterfs credentials"); + ret = RPCSVC_AUTH_REJECT; + goto err; + } + + req->pid = au.pid; + req->uid = au.uid; + req->gid = au.gid; + req->lk_owner.len = au.lk_owner.lk_owner_len; + req->auxgidcount = au.groups.groups_len; + + if (req->auxgidcount > GF_MAX_AUX_GROUPS) { + gf_log ("", GF_LOG_WARNING, + "more than max aux gids found (%d) , truncating it " + "to %d and continuing", au.groups.groups_len, + GF_MAX_AUX_GROUPS); + req->auxgidcount = GF_MAX_AUX_GROUPS; + } + + if (req->lk_owner.len > GF_MAX_LOCK_OWNER_LEN) { + gf_log ("", GF_LOG_WARNING, + "lkowner field > 1k, failing authentication"); + ret = RPCSVC_AUTH_REJECT; + goto err; + } + + for (i = 0; i < req->auxgidcount; ++i) + req->auxgids[i] = au.groups.groups_val[i]; + + for (i = 0; i < au.lk_owner.lk_owner_len; ++i) + req->lk_owner.data[i] = au.lk_owner.lk_owner_val[i]; + + 
gf_log (GF_RPCSVC, GF_LOG_TRACE, "Auth Info: pid: %u, uid: %d" + ", gid: %d, owner: %s", + req->pid, req->uid, req->gid, lkowner_utoa (&req->lk_owner)); + ret = RPCSVC_AUTH_ACCEPT; +err: + return ret; +} + +rpcsvc_auth_ops_t auth_glusterfs_ops_v2 = { + .transport_init = NULL, + .request_init = auth_glusterfs_v2_request_init, + .authenticate = auth_glusterfs_v2_authenticate +}; + +rpcsvc_auth_t rpcsvc_auth_glusterfs_v2 = { + .authname = "AUTH_GLUSTERFS-v2", + .authnum = AUTH_GLUSTERFS_v2, + .authops = &auth_glusterfs_ops_v2, + .authprivate = NULL +}; + + +rpcsvc_auth_t * +rpcsvc_auth_glusterfs_v2_init (rpcsvc_t *svc, dict_t *options) +{ + return &rpcsvc_auth_glusterfs_v2; +} diff --git a/rpc/rpc-lib/src/auth-null.c b/rpc/rpc-lib/src/auth-null.c index ee50ab66921..aa6b4c1bdbd 100644 --- a/rpc/rpc-lib/src/auth-null.c +++ b/rpc/rpc-lib/src/auth-null.c @@ -34,10 +34,10 @@ auth_null_request_init (rpcsvc_request_t *req, void *priv) if (!req) return -1; - memset (req->cred.authdata, 0, RPCSVC_MAX_AUTH_BYTES); + memset (req->cred.authdata, 0, GF_MAX_AUTH_BYTES); req->cred.datalen = 0; - memset (req->verf.authdata, 0, RPCSVC_MAX_AUTH_BYTES); + memset (req->verf.authdata, 0, GF_MAX_AUTH_BYTES); req->verf.datalen = 0; return 0; diff --git a/rpc/rpc-lib/src/auth-unix.c b/rpc/rpc-lib/src/auth-unix.c index c48743db937..c3b58945a56 100644 --- a/rpc/rpc-lib/src/auth-unix.c +++ b/rpc/rpc-lib/src/auth-unix.c @@ -35,7 +35,7 @@ auth_unix_request_init (rpcsvc_request_t *req, void *priv) { if (!req) return -1; - memset (req->verf.authdata, 0, RPCSVC_MAX_AUTH_BYTES); + memset (req->verf.authdata, 0, GF_MAX_AUTH_BYTES); req->verf.datalen = 0; req->verf.flavour = AUTH_NULL; diff --git a/rpc/rpc-lib/src/rpc-clnt.c b/rpc/rpc-lib/src/rpc-clnt.c index 43791dc57e1..e21aac75529 100644 --- a/rpc/rpc-lib/src/rpc-clnt.c +++ b/rpc/rpc-lib/src/rpc-clnt.c 
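Review bot: auth_glusterfs_v2_authenticate never releases what the decoder may have allocated. `au` is zero-initialised, so if xdr_auth_glusterfs_parms_v2 is rpcgen-style code for variable-length fields (the `groups_val` and `lk_owner_val` members suggest it), decoding allocates both arrays and they leak on every request, including the reject path. Releasing them at `err:` with `xdr_free ((xdrproc_t) xdr_auth_glusterfs_parms_v2, (char *) &au);` would close that. Separately, `req->auxgidcount = au.groups.groups_len` is compared as a signed int, so the check is safer on the decoded value, `if (au.groups.groups_len > GF_MAX_AUX_GROUPS)`. xdr_to_glusterfs_auth_v2 also decodes over GF_MAX_AUTH_BYTES rather than req->cred.datalen, so bytes past the received credential can be parsed.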
@@ -32,6 +32,7 @@ #include "protocol-common.h" #include "mem-pool.h" #include "xdr-rpc.h" +#include "rpc-common-xdr.h" void rpc_clnt_reply_deinit (struct rpc_req *req, struct mem_pool *pool); @@ -1091,7 +1092,7 @@ rpc_clnt_register_notify (struct rpc_clnt *rpc, rpc_clnt_notify_t fn, } ssize_t -xdr_serialize_glusterfs_auth (char *dest, struct auth_glusterfs_parms *au) +xdr_serialize_glusterfs_auth (char *dest, struct auth_glusterfs_parms_v2 *au) { ssize_t ret = -1; XDR xdr; @@ -1099,10 +1100,9 @@ xdr_serialize_glusterfs_auth (char *dest, struct auth_glusterfs_parms *au) if ((!dest) || (!au)) return -1; - xdrmem_create (&xdr, dest, 1024, - XDR_ENCODE); + xdrmem_create (&xdr, dest, GF_MAX_AUTH_BYTES, XDR_ENCODE); - if (!xdr_auth_glusterfs_parms (&xdr, au)) { + if (!xdr_auth_glusterfs_parms_v2 (&xdr, au)) { gf_log (THIS->name, GF_LOG_WARNING, "failed to encode auth glusterfs elements"); ret = -1; @@ -1118,7 +1118,7 @@ ret: int rpc_clnt_fill_request (int prognum, int progver, int procnum, int payload, - uint64_t xid, struct auth_glusterfs_parms *au, + uint64_t xid, struct auth_glusterfs_parms_v2 *au, struct rpc_msg *request, char *auth_data) { int ret = -1; @@ -1146,7 +1146,7 @@ rpc_clnt_fill_request (int prognum, int progver, int procnum, int payload, goto out; } - request->rm_call.cb_cred.oa_flavor = AUTH_GLUSTERFS; + request->rm_call.cb_cred.oa_flavor = AUTH_GLUSTERFS_v2; request->rm_call.cb_cred.oa_base = auth_data; request->rm_call.cb_cred.oa_length = ret; 
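Review bot: xdr_serialize_glusterfs_auth has no length parameter for `dest`, and the encoder is now told the buffer holds GF_MAX_AUTH_BYTES, so a caller passing a smaller buffer would be written past its end. The one caller visible in this diff passes `auth_data[GF_MAX_AUTH_BYTES]`, so this is a documentation gap rather than a live overflow. Add `/* dest must point to at least GF_MAX_AUTH_BYTES bytes; returns the encoded length or -1 */` above the function. The function body continues outside these hunks.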
@@ -1198,16 +1198,16 @@ out: struct iobuf * rpc_clnt_record_build_record (struct rpc_clnt *clnt, int prognum, int progver, int procnum, size_t payload, uint64_t xid, - struct auth_glusterfs_parms *au, + struct auth_glusterfs_parms_v2 *au, struct iovec *recbuf) { - struct rpc_msg request = {0, }; - struct iobuf *request_iob = NULL; - char *record = NULL; - struct iovec recordhdr = {0, }; - size_t pagesize = 0; - int ret = -1; - char auth_data[RPC_CLNT_MAX_AUTH_BYTES] = {0, }; + struct rpc_msg request = {0, }; + struct iobuf *request_iob = NULL; + char *record = NULL; + struct iovec recordhdr = {0, }; + size_t pagesize = 0; + int ret = -1; + char auth_data[GF_MAX_AUTH_BYTES] = {0, }; if ((!clnt) || (!recbuf) || (!au)) { goto out; @@ -1237,8 +1237,6 @@ rpc_clnt_record_build_record (struct rpc_clnt *clnt, int prognum, int progver, recordhdr = rpc_clnt_record_build_header (record, pagesize, &request, payload); - //GF_FREE (request.rm_call.cb_cred.oa_base); - if (!recordhdr.iov_base) { gf_log (clnt->conn.trans->name, GF_LOG_ERROR, "Failed to build record header"); 
@@ -1261,29 +1259,38 @@ rpc_clnt_record (struct rpc_clnt *clnt, call_frame_t *call_frame, rpc_clnt_prog_t *prog,int procnum, size_t payload_len, struct iovec *rpchdr, uint64_t callid) { - struct auth_glusterfs_parms au = {0, }; - struct iobuf *request_iob = NULL; + struct auth_glusterfs_parms_v2 au = {0, }; + struct iobuf *request_iob = NULL; + char owner[4] = {0,}; if (!prog || !rpchdr || !call_frame) { goto out; } - au.pid = call_frame->root->pid; - au.uid = call_frame->root->uid; - au.gid = call_frame->root->gid; - au.ngrps = call_frame->root->ngrps; - au.lk_owner = call_frame->root->lk_owner; - if (!au.lk_owner) - au.lk_owner = au.pid; + au.pid = call_frame->root->pid; + au.uid = call_frame->root->uid; + au.gid = call_frame->root->gid; + au.groups.groups_len = call_frame->root->ngrps; + au.lk_owner.lk_owner_len = call_frame->root->lk_owner.len; - gf_log (clnt->conn.trans->name, GF_LOG_TRACE, "Auth Info: pid: %u, uid: %d" - ", gid: %d, owner: %"PRId64, - au.pid, au.uid, au.gid, au.lk_owner); + if (au.groups.groups_len) + au.groups.groups_val = call_frame->root->groups; - memcpy (au.groups, call_frame->root->groups, sizeof (au.groups)); + if (call_frame->root->lk_owner.len) + au.lk_owner.lk_owner_val = call_frame->root->lk_owner.data; + else { + owner[0] = (char)(au.pid & 0xff); + owner[1] = (char)((au.pid >> 8) & 0xff); + owner[2] = (char)((au.pid >> 16) & 0xff); + owner[3] = (char)((au.pid >> 24) & 0xff); - //rpc_transport_get_myname (clnt->conn.trans, myname, UNIX_PATH_MAX); - //au.aup_machname = myname; + au.lk_owner.lk_owner_val = owner; + au.lk_owner.lk_owner_len = 4; + } + + gf_log (clnt->conn.trans->name, GF_LOG_TRACE, "Auth Info: pid: %u, uid: %d" + ", gid: %d, owner: %s", au.pid, au.uid, au.gid, + lkowner_utoa (&call_frame->root->lk_owner)); /* Assuming the client program would like to speak to the same version of * program on server. diff --git a/rpc/rpc-lib/src/rpc-clnt.h b/rpc/rpc-lib/src/rpc-clnt.h index e3b2ec3f1a2..7034da70584 100644 
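Review bot: rpc_clnt_record copies `call_frame->root->ngrps` and `call_frame->root->lk_owner.len` into the credential without checking them against the limits the server side of this commit enforces (GF_MAX_AUX_GROUPS truncates, GF_MAX_LOCK_OWNER_LEN rejects). An oversized value then only shows up as a failed encode or a remote authentication failure; an early check with a local error log would make that diagnosable. The trace log also prints `call_frame->root->lk_owner` even when the pid-derived fallback in `owner` is what gets sent. `au.lk_owner.lk_owner_val` can point at the stack array `owner`, so `au` must not outlive this function; the rest of the function is outside the hunk.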
--- a/rpc/rpc-lib/src/rpc-clnt.h +++ b/rpc/rpc-lib/src/rpc-clnt.h @@ -31,8 +31,6 @@ typedef enum { RPC_CLNT_MSG } rpc_clnt_event_t; -#define AUTH_GLUSTERFS 5 -#define RPC_CLNT_MAX_AUTH_BYTES 1024 #define SFRAME_GET_PROGNUM(sframe) (sframe->rpcreq->prog->prognum) #define SFRAME_GET_PROGVER(sframe) (sframe->rpcreq->prog->progver) @@ -121,11 +119,10 @@ typedef struct rpcclnt_cb_program { -#define RPC_MAX_AUTH_BYTES 400 typedef struct rpc_auth_data { - int flavour; - int datalen; - char authdata[RPC_MAX_AUTH_BYTES]; + int flavour; + int datalen; + char authdata[GF_MAX_AUTH_BYTES]; } rpc_auth_data_t; diff --git a/rpc/rpc-lib/src/rpc-common.c b/rpc/rpc-lib/src/rpc-common.c deleted file mode 100644 index ff8785c6700..00000000000 --- a/rpc/rpc-lib/src/rpc-common.c +++ /dev/null 
@@ -1,141 +0,0 @@ -/* - Copyright (c) 2010-2011 Gluster, Inc. <http://www.gluster.com> - This file is part of GlusterFS. - - GlusterFS is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published - by the Free Software Foundation; either version 3 of the License, - or (at your option) any later version. - - GlusterFS is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see - <http://www.gnu.org/licenses/>. -*/ - - -#include "logging.h" -#include "xdr-common.h" - -ssize_t -xdr_serialize_generic (struct iovec outmsg, void *res, xdrproc_t proc) -{ - ssize_t ret = -1; - XDR xdr; - - if ((!outmsg.iov_base) || (!res) || (!proc)) - return -1; - - xdrmem_create (&xdr, outmsg.iov_base, (unsigned int)outmsg.iov_len, - XDR_ENCODE); - - if (!proc (&xdr, res)) { - gf_log_callingfn ("xdr", GF_LOG_WARNING, - "XDR encoding failed"); - ret = -1; - goto ret; - } - - ret = xdr_encoded_length (xdr); - -ret: - return ret; -} - - -ssize_t -xdr_to_generic (struct iovec inmsg, void *args, xdrproc_t proc) -{ - XDR xdr; - ssize_t ret = -1; - - if ((!inmsg.iov_base) || (!args) || (!proc)) - return -1; - - xdrmem_create (&xdr, inmsg.iov_base, (unsigned int)inmsg.iov_len, - XDR_DECODE); - - if (!proc (&xdr, args)) { - gf_log_callingfn ("xdr", GF_LOG_WARNING, - "XDR decoding failed"); - ret = -1; - goto ret; - } - - ret = xdr_decoded_length (xdr); -ret: - return ret; -} - - -bool_t -xdr_gf_dump_req (XDR *xdrs, gf_dump_req *objp) -{ - if (!xdr_u_quad_t (xdrs, &objp->gfs_id)) - return FALSE; - return TRUE; -} - -bool_t -xdr_gf_prog_detail (XDR *xdrs, gf_prog_detail *objp) -{ - if (!xdr_string (xdrs, &objp->progname, ~0)) - return FALSE; - if (!xdr_u_quad_t 
(xdrs, &objp->prognum)) - return FALSE; - if (!xdr_u_quad_t (xdrs, &objp->progver)) - return FALSE; - if (!xdr_pointer (xdrs, (char **)&objp->next, sizeof (gf_prog_detail), - (xdrproc_t) xdr_gf_prog_detail)) - return FALSE; - return TRUE; -} - -bool_t -xdr_gf_dump_rsp (XDR *xdrs, gf_dump_rsp *objp) -{ - if (!xdr_u_quad_t (xdrs, &objp->gfs_id)) - return FALSE; - if (!xdr_int (xdrs, &objp->op_ret)) - return FALSE; - if (!xdr_int (xdrs, &objp->op_errno)) - return FALSE; - if (!xdr_pointer (xdrs, (char **)&objp->prog, sizeof (gf_prog_detail), - (xdrproc_t) xdr_gf_prog_detail)) - return FALSE; - return TRUE; -} - - -ssize_t -xdr_serialize_dump_rsp (struct iovec outmsg, void *rsp) -{ - return xdr_serialize_generic (outmsg, (void *)rsp, - (xdrproc_t)xdr_gf_dump_rsp); -} - -ssize_t -xdr_to_dump_req (struct iovec inmsg, void *args) -{ - return xdr_to_generic (inmsg, (void *)args, - (xdrproc_t)xdr_gf_dump_req); -} - - -ssize_t -xdr_from_dump_req (struct iovec outmsg, void *rsp) -{ - return xdr_serialize_generic (outmsg, (void *)rsp, - (xdrproc_t)xdr_gf_dump_req); -} - -ssize_t -xdr_to_dump_rsp (struct iovec inmsg, void *args) -{ - return xdr_to_generic (inmsg, (void *)args, - (xdrproc_t)xdr_gf_dump_rsp); -} diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c index d62bd100be5..930eabdda74 100644 --- a/rpc/rpc-lib/src/rpcsvc-auth.c +++ b/rpc/rpc-lib/src/rpcsvc-auth.c @@ -29,6 +29,8 @@ rpcsvc_auth_unix_init (rpcsvc_t *svc, dict_t *options); extern rpcsvc_auth_t * rpcsvc_auth_glusterfs_init (rpcsvc_t *svc, dict_t *options); +extern rpcsvc_auth_t * +rpcsvc_auth_glusterfs_v2_init (rpcsvc_t *svc, dict_t *options); int rpcsvc_auth_add_initer (struct list_head *list, char *idfier, 
@@ -66,6 +68,16 @@ rpcsvc_auth_add_initers (rpcsvc_t *svc) goto err; } + + ret = rpcsvc_auth_add_initer (&svc->authschemes, "auth-glusterfs-v2", + (rpcsvc_auth_initer_t) + rpcsvc_auth_glusterfs_v2_init); + if (ret == -1) { + gf_log (GF_RPCSVC, GF_LOG_ERROR, + "Failed to add AUTH_GLUSTERFS-v2"); + goto err; + } + ret = rpcsvc_auth_add_initer (&svc->authschemes, "auth-unix", (rpcsvc_auth_initer_t) rpcsvc_auth_unix_init); @@ -434,8 +446,12 @@ rpcsvc_auth_unix_auxgids (rpcsvc_request_t *req, int *arrlen) return NULL; /* In case of AUTH_NULL auxgids are not used */ - if ((req->cred.flavour != AUTH_UNIX) && - (req->cred.flavour != AUTH_GLUSTERFS)) { + switch (req->cred.flavour) { + case AUTH_UNIX: + case AUTH_GLUSTERFS: + case AUTH_GLUSTERFS_v2: + break; + default: gf_log ("rpc", GF_LOG_DEBUG, "auth type not unix or glusterfs"); return NULL; } diff --git a/rpc/rpc-lib/src/rpcsvc.c b/rpc/rpc-lib/src/rpcsvc.c index 5805f8a5cd6..e0fc2918473 100644 --- a/rpc/rpc-lib/src/rpcsvc.c +++ b/rpc/rpc-lib/src/rpcsvc.c @@ -34,6 +34,8 @@ #include "iobuf.h" #include "globals.h" #include "xdr-common.h" +#include "xdr-generic.h" +#include "rpc-common-xdr.h" #include <errno.h> #include <pthread.h> @@ -1687,7 +1689,7 @@ fail: iov.iov_base = rsp_buf; iov.iov_len = dump_rsp_len; - ret = xdr_serialize_dump_rsp (iov, &rsp); + ret = xdr_serialize_generic (iov, &rsp, (xdrproc_t)xdr_gf_dump_rsp); if (ret < 0) { if (req) req->rpc_err = GARBAGE_ARGS; diff --git a/rpc/rpc-lib/src/rpcsvc.h b/rpc/rpc-lib/src/rpcsvc.h index 83aa33f8067..b1547670484 100644 --- a/rpc/rpc-lib/src/rpcsvc.h +++ b/rpc/rpc-lib/src/rpcsvc.h @@ -43,10 +43,6 @@ #include <rpc/rpc_msg.h> #include "compat.h" -#ifndef NGRPS -#define NGRPS 16 -#endif /* !NGRPS */ - #ifndef MAX_IOVEC #define MAX_IOVEC 16 #endif @@ -115,8 +111,6 @@ #define AUTH_KERB 4 /* kerberos style */ #endif /* */ -#define AUTH_GLUSTERFS 5 - typedef struct rpcsvc_program rpcsvc_program_t; struct rpcsvc_notify_wrapper { 
@@ -143,11 +137,10 @@ struct rpcsvc_config { int max_block_size; }; -#define RPCSVC_MAX_AUTH_BYTES 400 typedef struct rpcsvc_auth_data { int flavour; int datalen; - char authdata[RPCSVC_MAX_AUTH_BYTES]; + char authdata[GF_MAX_AUTH_BYTES]; } rpcsvc_auth_data_t; #define rpcsvc_auth_flavour(au) ((au).flavour) @@ -184,13 +177,13 @@ struct rpcsvc_request { gid_t gid; pid_t pid; - uint64_t lk_owner; + gf_lkowner_t lk_owner; uint64_t gfs_id; /* Might want to move this to AUTH_UNIX specific state since this array * is not available for every authentication scheme. */ - gid_t auxgids[NGRPS]; + gid_t auxgids[GF_MAX_AUX_GROUPS]; int auxgidcount; diff --git a/rpc/rpc-lib/src/xdr-common.h b/rpc/rpc-lib/src/xdr-common.h index 8402a62225e..d5198d20f47 100644 --- a/rpc/rpc-lib/src/xdr-common.h +++ b/rpc/rpc-lib/src/xdr-common.h @@ -34,7 +34,6 @@ #include <dirent.h> #endif /* __NetBSD__ */ - enum gf_dump_procnum { GF_DUMP_NULL, GF_DUMP_DUMP, @@ -44,6 +43,7 @@ enum gf_dump_procnum { #define GLUSTER_DUMP_PROGRAM 123451501 /* Completely random */ #define GLUSTER_DUMP_VERSION 1 +#define GF_MAX_AUTH_BYTES 2048 #if GF_DARWIN_HOST_OS #define xdr_u_quad_t xdr_u_int64_t 
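Review bot: `#define GF_MAX_AUTH_BYTES 2048` raises the credential buffers above the 400-byte limit that ONC RPC places on an opaque_auth body. If the call header is encoded or decoded through the C library's xdr_callmsg (not visible here), credentials longer than 400 bytes would be refused there, so the larger buffers would not by themselves allow more groups or longer lock owners. A comment on the define saying which limit applies on the wire would help, for example `/* size of local cred/verf buffers; the wire limit is set by the RPC header codec */`.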
@@ -67,52 +67,6 @@ enum gf_dump_procnum { #define xdr_uint32_t xdr_uint32_t #endif -struct auth_glusterfs_parms { - uint64_t lk_owner; - u_int pid; - u_int uid; - u_int gid; - u_int ngrps; - u_int groups[16]; -} __attribute__((packed)); -typedef struct auth_glusterfs_parms auth_glusterfs_parms; - -struct gf_dump_req { - uint64_t gfs_id; -} __attribute__((packed)); -typedef struct gf_dump_req gf_dump_req; - -struct gf_prog_detail { - char *progname; - uint64_t prognum; - uint64_t progver; - struct gf_prog_detail *next; -} __attribute__((packed)); -typedef struct gf_prog_detail gf_prog_detail; - -struct gf_dump_rsp { - uint64_t gfs_id; - int op_ret; - int op_errno; - struct gf_prog_detail *prog; -}__attribute__((packed)); -typedef struct gf_dump_rsp gf_dump_rsp; - -extern bool_t -xdr_auth_glusterfs_parms (XDR *xdrs, auth_glusterfs_parms *objp); -extern bool_t xdr_gf_dump_req (XDR *, gf_dump_req*); -extern bool_t xdr_gf_prog_detail (XDR *, gf_prog_detail*); -extern bool_t xdr_gf_dump_rsp (XDR *, gf_dump_rsp*); - -ssize_t -xdr_serialize_dump_rsp (struct iovec outmsg, void *rsp); -ssize_t -xdr_to_dump_req (struct iovec inmsg, void *args); -ssize_t -xdr_from_dump_req (struct iovec outmsg, void *rsp); -ssize_t -xdr_to_dump_rsp (struct iovec inmsg, void *args); - /* Returns the address of the byte that follows the * last byte used for decoding the previous xdr component. * E.g. once the RPC call for NFS has been decoded, the macro will return diff --git a/rpc/rpc-lib/src/xdr-rpc.h b/rpc/rpc-lib/src/xdr-rpc.h index 99ad888361c..226f8e8b356 100644 --- a/rpc/rpc-lib/src/xdr-rpc.h +++ b/rpc/rpc-lib/src/xdr-rpc.h @@ -17,7 +17,7 @@ <http://www.gnu.org/licenses/>. */ -#ifndef _XDR_RPC_H +#ifndef _XDR_RPC_H_ #define _XDR_RPC_H_ #ifndef _CONFIG_H 
@@ -39,6 +39,13 @@ #include <rpc/xdr.h> #include <sys/uio.h> +#include "xdr-common.h" + +typedef enum { + AUTH_GLUSTERFS = 5, + AUTH_GLUSTERFS_v2 = 6, +} gf_rpc_authtype_t; + /* Converts a given network buffer from its XDR format to a structure * that contains everything an RPC call needs to work. */ |
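Review bot: `AUTH_GLUSTERFS_v2 = 6` reuses a flavour number that ONC RPC already assigns to RPCSEC_GSS, and 5 is likewise listed as AUTH_RSA. A server, proxy or packet analyser that also handles the standard flavours could misinterpret these credentials, and a later need for RPCSEC_GSS on the same service would clash with the value. A private number well outside the assigned range would avoid this. If the values have to stay for wire compatibility, record that next to the enum, e.g. `/* NOTE: 6 overlaps RPCSEC_GSS; kept for compatibility */`.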