diff options
author | Alex Wilson <alex.wilson@joyent.com> | 2017-04-20 15:30:11 -0400 |
---|---|---|
committer | Dan McDonald <danmcd@omniti.com> | 2017-04-20 15:32:26 -0400 |
commit | b1cdc7203182cbb9ef6b7bc6085ee5b8dbee793b (patch) | |
tree | 9cbe7ecb846fc5f26d0efa6735d58ae81f58441f /usr/src/uts/common/rpc | |
parent | def4fac5882b4ca67bd0f4a53509b6d1fa8ae14e (diff) | |
download | illumos-joyent-b1cdc7203182cbb9ef6b7bc6085ee5b8dbee793b.tar.gz |
8085 Handle RPC groups better
Reviewed by: "Joshua M. Clulow" <josh@sysmgr.org>
Reviewed by: Paul Dagnelie <pcd@delphix.com>
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Approved by: Dan McDonald <danmcd@omniti.com>
Diffstat (limited to 'usr/src/uts/common/rpc')
-rw-r--r-- | usr/src/uts/common/rpc/auth.h | 16 | ||||
-rw-r--r-- | usr/src/uts/common/rpc/auth_sys.h | 15 | ||||
-rw-r--r-- | usr/src/uts/common/rpc/sec/svc_authu.c | 5 | ||||
-rw-r--r-- | usr/src/uts/common/rpc/sec/svcauthdes.c | 3 | ||||
-rw-r--r-- | usr/src/uts/common/rpc/svc.c | 2 |
5 files changed, 33 insertions, 8 deletions
diff --git a/usr/src/uts/common/rpc/auth.h b/usr/src/uts/common/rpc/auth.h index 1af0c65857..bf4a97cfe9 100644 --- a/usr/src/uts/common/rpc/auth.h +++ b/usr/src/uts/common/rpc/auth.h @@ -20,6 +20,7 @@ */ /* * Copyright 2009 Sun Microsystems, Inc. All rights reserved. + * Copyright 2017 Joyent Inc * Use is subject to license terms. */ /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */ @@ -53,10 +54,23 @@ extern "C" { #endif -#define MAX_AUTH_BYTES 400 +#define MAX_AUTH_BYTES 400 /* maximum length of an auth type, from RFC */ #define MAXNETNAMELEN 255 /* maximum length of network user's name */ /* + * NOTE: this value *must* be kept larger than the maximum size of all the + * structs that rq_clntcred is cast to in the different authentication types. + * If changes are made to any of these *_area structs, double-check they all + * still fit. If any new authentication mechanisms are added, add a note here. + * + * Currently these structs can be found in: + * - __svcauth_sys (svc_auth_sys.c) + * - __svcauth_des (svcauth_des.c) + * - __svcauth_loopback (svc_auth_loopb.c) + */ +#define RQCRED_SIZE 700 /* size allocated for rq_clntcred */ + +/* * Client side authentication/security data */ typedef struct sec_data { diff --git a/usr/src/uts/common/rpc/auth_sys.h b/usr/src/uts/common/rpc/auth_sys.h index 157546842b..df1809068e 100644 --- a/usr/src/uts/common/rpc/auth_sys.h +++ b/usr/src/uts/common/rpc/auth_sys.h @@ -21,6 +21,7 @@ /* * Copyright 2014 Nexenta Systems, Inc. All rights reserved. + * Copyright 2017 Joyent Inc */ /* @@ -65,9 +66,6 @@ extern "C" { /* gids compose part of a credential; there may not be more than 16 of them */ #define NGRPS 16 -/* gids compose part of a credential */ -#define NGRPS_LOOPBACK NGROUPS_UMAX - /* * "sys" (Old UNIX) style credentials. */ @@ -82,6 +80,17 @@ struct authsys_parms { /* For backward compatibility */ #define authunix_parms authsys_parms +/* + * Ideally, we would like this to be NGROUPS_UMAX, but the RFC mandates that + * auth sections must not exceed 400 bytes. For AUTH_LOOPBACK, that means the + * largest number of groups we can have without breaking RFC compat is 92 + * groups. + * + * NOTE: changing this value changes the size of authlpbk_area in + * svc_auth_loopb.c, which means RQCRED_SIZE *must* be updated! + */ +#define NGRPS_LOOPBACK 92 + #ifdef __STDC__ extern bool_t xdr_authsys_parms(XDR *, struct authsys_parms *); extern bool_t xdr_authloopback_parms(XDR *, struct authsys_parms *); diff --git a/usr/src/uts/common/rpc/sec/svc_authu.c b/usr/src/uts/common/rpc/sec/svc_authu.c index 6cfc89467c..224a8d33f6 100644 --- a/usr/src/uts/common/rpc/sec/svc_authu.c +++ b/usr/src/uts/common/rpc/sec/svc_authu.c @@ -21,6 +21,7 @@ */ /* * Copyright 1989 Sun Microsystems, Inc. All rights reserved. + * Copyright 2017 Joyent Inc * Use is subject to license terms. */ @@ -32,8 +33,6 @@ * under license from the Regents of the University of California. */ -#ident "%Z%%M% %I% %E% SMI" - /* * svc_auth_unix.c * Handles UNIX flavor authentication parameters on the service side of rpc. @@ -54,6 +53,7 @@ #include <sys/tihdr.h> #include <sys/t_kuser.h> #include <sys/cmn_err.h> +#include <sys/debug.h> #include <rpc/types.h> #include <rpc/xdr.h> @@ -84,6 +84,7 @@ _svcauth_unix(struct svc_req *rqst, struct rpc_msg *msg) u_int str_len, gid_len; int i; + CTASSERT(sizeof (struct area) <= RQCRED_SIZE); /* LINTED pointer alignment */ area = (struct area *) rqst->rq_clntcred; aup = &area->area_aup; diff --git a/usr/src/uts/common/rpc/sec/svcauthdes.c b/usr/src/uts/common/rpc/sec/svcauthdes.c index a2dfa41c29..563067bb04 100644 --- a/usr/src/uts/common/rpc/sec/svcauthdes.c +++ b/usr/src/uts/common/rpc/sec/svcauthdes.c @@ -19,6 +19,7 @@ * CDDL HEADER END */ /* + * Copyright 2017 Joyent Inc * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -59,6 +60,7 @@ #include <sys/kmem.h> #include <sys/time.h> #include <sys/cmn_err.h> +#include <sys/debug.h> #include <rpc/types.h> #include <rpc/xdr.h> @@ -159,6 +161,7 @@ _svcauth_des(struct svc_req *rqst, struct rpc_msg *msg) } mutex_exit(&authdes_lock); + CTASSERT(sizeof (struct area) <= RQCRED_SIZE); /* LINTED pointer alignment */ area = (struct area *)rqst->rq_clntcred; cred = (struct authdes_cred *)&area->area_cred; diff --git a/usr/src/uts/common/rpc/svc.c b/usr/src/uts/common/rpc/svc.c index c0ca1ede3f..43f8a6d703 100644 --- a/usr/src/uts/common/rpc/svc.c +++ b/usr/src/uts/common/rpc/svc.c @@ -207,8 +207,6 @@ #include <nfs/nfs.h> #include <sys/tsol/label_macro.h> -#define RQCRED_SIZE 400 /* this size is excessive */ - /* * Defines for svc_poll() */ |