From f3f108f4c7fe5808d8debe3c9fbcfb3b1b79b73a Mon Sep 17 00:00:00 2001 From: Simon Wilkinson Date: Wed, 15 Sep 2010 11:16:15 +0100 Subject: [PATCH] rx: Add struct rx_identity Add the rx_identity structure which can be used by rx security layers to store and return identity information to applications. A number of helper functions for manipulating rx_identity structures are also provided. Change-Id: I64ae2b62a4bc8a401c1ac877f4662c66a39247f8 Reviewed-on: http://gerrit.openafs.org/2827 Tested-by: BuildBot Reviewed-by: Derrick Brashear Tested-by: Derrick Brashear --- src/libafs/Makefile.common.in | 4 + src/libafsrpc/Makefile.in | 4 + src/libafsrpc/NTMakefile | 3 +- src/libuafs/Makefile.common.in | 10 +++ src/rx/Makefile.in | 6 +- src/rx/NTMakefile | 3 +- src/rx/rx_identity.c | 166 +++++++++++++++++++++++++++++++++++++++++ src/rx/rx_identity.h | 50 +++++++++++++ src/shlibafsrpc/Makefile.in | 4 + src/shlibafsrpc/libafsrpc.map | 6 ++ 10 files changed, 253 insertions(+), 3 deletions(-) create mode 100644 src/rx/rx_identity.c create mode 100644 src/rx/rx_identity.h diff --git a/src/libafs/Makefile.common.in b/src/libafs/Makefile.common.in index 9c6b265..b9a796b 100644 --- a/src/libafs/Makefile.common.in +++ b/src/libafs/Makefile.common.in @@ -142,6 +142,7 @@ AFSAOBJS = \ rx_clock.o \ rx_event.o \ rx_globals.o \ + rx_identity.o \ rx_kmutex.o \ rx_knet.o \ rx_kcommon.o \ @@ -212,6 +213,7 @@ AFSPAGOBJS = \ rx_clock.o \ rx_event.o \ rx_globals.o \ + rx_identity.o \ rx_kmutex.o \ rx_pag_knet.o \ rx_kcommon.o \ @@ -398,6 +400,8 @@ rx_event.o: $(TOP_SRC_RX)/rx_event.c $(CRULE_NOOPT) rx_globals.o: $(TOP_SRC_RX)/rx_globals.c $(CRULE_NOOPT) +rx_identity.o: $(TOP_SRC_RX)/rx_identity.c + $(CRULE_NOOPT) rx_misc.o: $(TOP_SRC_RX)/rx_misc.c $(CRULE_NOOPT) rx_multi.o: $(TOP_SRC_RX)/rx_multi.c diff --git a/src/libafsrpc/Makefile.in b/src/libafsrpc/Makefile.in index 5231702..cf7d1e0 100644 --- a/src/libafsrpc/Makefile.in +++ b/src/libafsrpc/Makefile.in 
@@ -70,6 +70,7 @@ RXOBJS =\ rx_opaque.o \ rx_conncache.o \ rx_globals.o \ + rx_identity.o \ rx_getaddr.o \ rx_misc.o \ rx_packet.o \ @@ -174,6 +175,9 @@ rx_opaque.o: ${RX}/rx_opaque.c rx_globals.o: ${RX}/rx_globals.c ${CCRULE} ${RX}/rx_globals.c +rx_identity.o: ${RX}/rx_identity.o + ${CCRULE} ${RX}/rx_identity.c + rx_getaddr.o: ${RX}/rx_getaddr.c ${CCRULE} ${RX}/rx_getaddr.c diff --git a/src/libafsrpc/NTMakefile b/src/libafsrpc/NTMakefile index 31988fe..1abfbe9 100644 --- a/src/libafsrpc/NTMakefile +++ b/src/libafsrpc/NTMakefile @@ -36,7 +36,8 @@ RXOBJS = $(OUT)\rx_event.obj $(OUT)\rx_user.obj $(OUT)\rx_pthread.obj \ $(OUT)\rx.obj $(OUT)\rx_clock_nt.obj $(OUT)\rx_null.obj \ $(OUT)\rx_globals.obj $(OUT)\rx_getaddr.obj $(OUT)\rx_misc.obj \ $(OUT)\rx_packet.obj $(OUT)\rx_rdwr.obj $(OUT)\rx_trace.obj \ - $(OUT)\rx_xmit_nt.obj $(OUT)\rx_conncache.obj $(OUT)\rx_opaque.obj + $(OUT)\rx_xmit_nt.obj $(OUT)\rx_conncache.obj $(OUT)\rx_opaque.obj \ + $(OUT)\rx_identity.obj RXSTATBJS = $(OUT)\rxstat.obj $(OUT)\rxstat.ss.obj $(OUT)\rxstat.xdr.obj $(OUT)\rxstat.cs.obj diff --git a/src/libuafs/Makefile.common.in b/src/libuafs/Makefile.common.in index e4ad3d1..2c42e98 100644 --- a/src/libuafs/Makefile.common.in +++ b/src/libuafs/Makefile.common.in @@ -161,6 +161,7 @@ UAFSOBJ = \ $(UOBJ)/rx_clock.o \ $(UOBJ)/rx_event.o \ $(UOBJ)/rx_globals.o \ + $(UOBJ)/rx_identity.o \ $(UOBJ)/rx_kmutex.o \ $(UOBJ)/rx_knet.o \ $(UOBJ)/rx_kcommon.o \ @@ -301,6 +302,7 @@ AFSWEBOBJ = \ $(WEBOBJ)/rx_clock.o \ $(WEBOBJ)/rx_event.o \ $(WEBOBJ)/rx_globals.o \ + $(WEBOBJ)/rx_identity.o \ $(WEBOBJ)/rx_kmutex.o \ $(WEBOBJ)/rx_knet.o \ $(WEBOBJ)/rx_kcommon.o \ @@ -437,6 +439,7 @@ AFSWEBOBJKRB = \ $(WEBOBJ)/rx_clock.o \ $(WEBOBJ)/rx_event.o \ $(WEBOBJ)/rx_globals.o \ + $(WEBOBJ)/rx_identity.o \ $(WEBOBJ)/rx_kmutex.o \ $(WEBOBJ)/rx_knet.o \ $(WEBOBJ)/rx_kcommon.o \ 
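Review bot: The rule added in the second hunk of src/libafsrpc/Makefile.in names an object file as its own prerequisite, `rx_identity.o: ${RX}/rx_identity.o`, where every neighbouring rule depends on the `.c` source. As written, an edit to rx_identity.c does not mark the object out of date, and make will likely either fail with no rule for `${RX}/rx_identity.o` or fall back to an implicit rule that drops an object into the rx source directory. The line should read `rx_identity.o: ${RX}/rx_identity.c`, matching the rule this patch adds to src/shlibafsrpc/Makefile.in.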
@@ -576,6 +579,7 @@ JUAFSOBJ = \ $(JUAFS)/rx_clock.o \ $(JUAFS)/rx_event.o \ $(JUAFS)/rx_globals.o \ + $(JUAFS)/rx_identity.o \ $(JUAFS)/rx_knet.o \ $(JUAFS)/rx_kcommon.o \ $(JUAFS)/rx_misc.o \ @@ -769,6 +773,8 @@ $(UOBJ)/rx_event.o: $(TOP_SRC_RX)/rx_event.c $(CRULE1) $(UOBJ)/rx_globals.o: $(TOP_SRC_RX)/rx_globals.c $(CRULE1) +$(UOBJ)/rx_identity.o: $(TOP_SRC_RX)/rx_identity.c + $(CRULE1) $(UOBJ)/rx_misc.o: $(TOP_SRC_RX)/rx_misc.c $(CRULE1) $(UOBJ)/rx_multi.o: $(TOP_SRC_RX)/rx_multi.c @@ -1056,6 +1062,8 @@ $(WEBOBJ)/rx_event.o: $(TOP_SRC_RX)/rx_event.c $(CRULE2) $(WEBOBJ)/rx_globals.o: $(TOP_SRC_RX)/rx_globals.c $(CRULE2) +$(WEBOBJ)/rx_identity.o: $(TOP_SRC_RX)/rx_identity.c + $(CRULE2) $(WEBOBJ)/rx_misc.o: $(TOP_SRC_RX)/rx_misc.c $(CRULE2) $(WEBOBJ)/rx_multi.o: $(TOP_SRC_RX)/rx_multi.c @@ -1347,6 +1355,8 @@ $(JUAFS)/rx_event.o: $(TOP_SRC_RX)/rx_event.c $(CRULE1) $(JUAFS)/rx_globals.o: $(TOP_SRC_RX)/rx_globals.c $(CRULE1) +$(JUAFS)/rx_identity.o: $(TOP_SRC_RX)/rx_identity.c + $(CRULE1) $(JUAFS)/rx_misc.o: $(TOP_SRC_RX)/rx_misc.c $(CRULE1) $(JUAFS)/rx_multi.o: $(TOP_SRC_RX)/rx_multi.c diff --git a/src/rx/Makefile.in b/src/rx/Makefile.in index 0994b2c..5488da7 100644 --- a/src/rx/Makefile.in +++ b/src/rx/Makefile.in @@ -24,7 +24,7 @@ XDROBJS = xdr_arrayn.o ${XDROBJS_common} RXOBJS_common = rx_clock.o rx_event.o rx_user.o rx_lwp.o rx.o rx_null.o \ rx_globals.o rx_getaddr.o rx_misc.o rx_packet.o rx_rdwr.o rx_trace.o \ - rx_conncache.o rx_opaque.o \ + rx_conncache.o rx_opaque.o rx_identity.o \ xdr_int32.o xdr_int64.o xdr_update.o xdr_refernce.o RXOBJS = ${RXOBJS_common} @@ -99,6 +99,7 @@ includes: \ ${TOP_INCDIR}/rx/rx_misc.h \ ${TOP_INCDIR}/rx/rx_null.h \ ${TOP_INCDIR}/rx/rx_opaque.h \ + ${TOP_INCDIR}/rx/rx_identity.h \ ${TOP_INCDIR}/rx/xdr.h \ ${TOP_INCDIR}/rx/xdr_prototypes.h 
@@ -147,6 +148,9 @@ ${TOP_INCDIR}/rx/rx_null.h: rx_null.h ${TOP_INCDIR}/rx/rx_opaque.h: rx_opaque.h ${INSTALL_DATA} $? $@ +${TOP_INCDIR}/rx/rx_identity.h: rx_identity.h + ${INSTALL_DATA} $? $@ + ${TOP_INCDIR}/rx/xdr.h: xdr.h ${INSTALL_DATA} $? $@ diff --git a/src/rx/NTMakefile b/src/rx/NTMakefile index 67e4b6e..85b6262 100644 --- a/src/rx/NTMakefile +++ b/src/rx/NTMakefile @@ -35,7 +35,7 @@ RXOBJS = $(OUT)\rx_event.obj $(OUT)\rx_clock_nt.obj $(OUT)\rx_user.obj \ $(OUT)\rx_globals.obj $(OUT)\rx_getaddr.obj $(OUT)\rx_misc.obj \ $(OUT)\rx_packet.obj $(OUT)\rx_rdwr.obj $(OUT)\rx_trace.obj \ $(OUT)\rx_xmit_nt.obj $(OUT)\rx_conncache.obj \ - $(OUT)\rx_opaque.obj + $(OUT)\rx_opaque.obj $(OUT)\rx_identity.obj MULTIOBJS = $(OUT)\rx_multi.obj @@ -55,6 +55,7 @@ INCFILES = \ $(INCFILEDIR)\rx_multi.h \ $(INCFILEDIR)\rx_null.h \ $(INCFILEDIR)\rx_lwp.h \ + $(INCFILEDIR)\rx_identity.h \ $(INCFILEDIR)\rx_opaque.h \ $(INCFILEDIR)\rx_pthread.h \ $(INCFILEDIR)\rx_xmit_nt.h \ diff --git a/src/rx/rx_identity.c b/src/rx/rx_identity.c new file mode 100644 index 0000000..3c5da9d --- /dev/null +++ b/src/rx/rx_identity.c 
@@ -0,0 +1,166 @@
+/*
+ * Copyright (c) 2010 Your File System Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include
+#include
+
+#ifndef KERNEL
+# include
+# include
+#else
+# include "afs/sysincludes.h"
+# include "afsincludes.h"
+#endif
+
+#include
+#include
+
+/*!
+ * Check to see if two rx identities match
+ *
+ * @param a
+ * First identity
+ * @param b
+ * Second identity
+ * @returns
+ * True if a and b are identical, otherwise false
+ */
+int
+rx_identity_match(struct rx_identity *a, struct rx_identity *b)
+{
+ return (a->kind == b->kind && a->exportedName.len == b->exportedName.len
+ && (memcmp(a->exportedName.val, b->exportedName.val,
+ a->exportedName.len) == 0));
+}
+
+/*!
+ * Populate an identity
+ *
+ * Populate an existing identity with copies of the data passed to the
+ * function. This will replace (without freeing) any existing identity
+ * contents.
+ *
+ * @param identity
+ * The identity to populate
+ * @param kind
+ * The type of data contained within this identity
+ * @param displayName
+ * The displayName of this identity
+ * @param enameData
+ * The opaque data that represents this identity
+ * @param enameLength
+ * The length of enameData
+ */
+
+void
+rx_identity_populate(struct rx_identity *identity, rx_identity_kind kind,
+ char *displayName, void *enameData, size_t enameLength)
+{
+ memset(identity, 0, sizeof(struct rx_identity));
+
+ identity->displayName = rxi_Alloc(strlen(displayName)+1);
+ memcpy(identity->displayName, displayName, strlen(displayName)+1);
+
+ rx_opaque_populate(&identity->exportedName, enameData, enameLength);
+}
+
+
+/*!
+ * Copy an identity
+ *
+ * Copy the contents of one identity into another one. This will replace
+ * (without freeing) any existing identity contents
+ *
+ * @param to
+ * The identity to copy to
+ * @param from
+ * The identity to copy from
+ */
+
+void
+rx_identity_copy(struct rx_identity *to, struct rx_identity *from)
+{
+ rx_identity_populate(to, from->kind, from->displayName,
+ from->exportedName.val, from->exportedName.len);
+ return;
+}
+
+/*!
+ * Build a new identity
+ *
+ * Create a new identity, with copies of the data passed to this function.
+ *
+ * @param kind
+ * The type of data contained within this identity
+ * @param displayName
+ * The displayName of this identity
+ * @param enameData
+ * The opaque data that represents this identity
+ * @param enameLength
+ * The length of enameData
+ * @returns
+ * The new identity
+ */
+
+struct rx_identity *
+rx_identity_new(rx_identity_kind kind, char *displayName, void *enameData,
+ size_t enameLength)
+{
+ struct rx_identity *identity;
+
+ identity = rxi_Alloc(sizeof(struct rx_identity));
+ rx_identity_populate(identity, kind, displayName, enameData, enameLength);
+
+ return identity;
+}
+
+/*!
+ * Free the contents of an identity
+ *
+ * @param identity
+ * The identity to free the contents of
+ */
+
+void
+rx_identity_freeContents(struct rx_identity *identity)
+{
+ rxi_Free(identity->displayName, strlen(identity->displayName));
+ identity->displayName = NULL;
+ rx_opaque_freeContents(&identity->exportedName);
+}
+
+/*!
+ * Free an identity
+ *
+ * @param identity
+ * The identity to free (passed by reference)
+ */
+
+void
+rx_identity_free(struct rx_identity **identity)
+{
+ rx_identity_freeContents(*identity);
+ rxi_Free(*identity, sizeof(struct rx_identity));
+ *identity = NULL;
+}
diff --git a/src/rx/rx_identity.h b/src/rx/rx_identity.h
new file mode 100644
index 0000000..eaadc09
--- /dev/null
+++ b/src/rx/rx_identity.h
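Review bot: rx_identity_populate() in src/rx/rx_identity.c zeroes the structure with memset() and fills displayName and exportedName, but never stores its `kind` argument, so every identity produced by rx_identity_populate(), rx_identity_copy() or rx_identity_new() carries kind 0, which rx_identity.h defines as RX_ID_KRB4. Because rx_identity_match() compares `kind`, a GSS identity and a Kerberos 4 identity with the same exported-name bytes would compare equal; add `identity->kind = kind;` after the memset. Separately, rx_identity_freeContents() passes `strlen(identity->displayName)` to rxi_Free() although the buffer was allocated with `strlen(displayName)+1`, so the size should be `strlen(identity->displayName) + 1` (how much the mismatch matters depends on the rxi_Free implementation, which is not shown here). If rxi_Alloc() can return NULL, both rx_identity_populate() and rx_identity_new() dereference the result unchecked.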
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2010 Your File System Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */ + +#ifndef OPENAFS_RX_IDENTITY_H +#define OPENAFS_RX_IDENTITY_H + +#include + +typedef enum rx_identity_kind { + RX_ID_KRB4 = 0, + RX_ID_GSS = 1, +} rx_identity_kind; + +struct rx_identity { + rx_identity_kind kind; + char *displayName; + struct rx_opaque exportedName; +}; + +struct rx_identity *rx_identity_new(rx_identity_kind, char *, void *, + size_t); +int rx_identity_match(struct rx_identity *a, struct rx_identity *b); +void rx_identity_populate(struct rx_identity *, rx_identity_kind, char *, + void *, size_t); +void rx_identity_copy(struct rx_identity *to, struct rx_identity *from); +void rx_identity_freeContents(struct rx_identity *identity); +void rx_identity_free(struct rx_identity **identity); + +#endif diff --git a/src/shlibafsrpc/Makefile.in b/src/shlibafsrpc/Makefile.in index c0f48fa..9d3bfe4 100644 --- a/src/shlibafsrpc/Makefile.in +++ b/src/shlibafsrpc/Makefile.in @@ -75,6 +75,7 @@ RXOBJS =\ rx_conncache.o \ rx_globals.o \ rx_getaddr.o \ + rx_identity.o \ rx_misc.o \ rx_packet.o \ rx_rdwr.o \ @@ -197,6 +198,9 @@ rx_globals.o: ${RX}/rx_globals.c rx_getaddr.o: ${RX}/rx_getaddr.c ${CCRULE} +rx_identity.o: ${RX}/rx_identity.c + ${CCRULE} + rx_misc.o: ${RX}/rx_misc.c ${CCRULE} diff --git a/src/shlibafsrpc/libafsrpc.map b/src/shlibafsrpc/libafsrpc.map index 9cbff77..bb5fe26 100755 --- a/src/shlibafsrpc/libafsrpc.map +++ b/src/shlibafsrpc/libafsrpc.map @@ -158,6 +158,12 @@ rx_opaque_zeroFreeContents; rx_opaque_free; rx_opaque_zeroFree; + rx_identity_match; + rx_identity_populate; + rx_identity_copy; + rx_identity_new; + rx_identity_freeContents; + rx_identity_free; local: *; }; -- 1.9.4
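Review bot: `struct rx_identity` in src/rx/rx_identity.h has no comment saying which fields define the identity, even though rx_identity_match() in this patch compares only `kind` and `exportedName` and ignores `displayName`. A caller who makes an access decision from `displayName` would be using a field the match function treats as irrelevant, so the struct should carry a comment such as `/* displayName is for display only; rx_identity_match() compares kind and exportedName */`. A second comment on the prototypes should state that rx_identity_populate() and rx_identity_new() copy the name and exported-name data, and that the copies are released with rx_identity_freeContents() or rx_identity_free().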