28 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
29 * Use is subject to license terms.
30 */
31
32 /*
33 * nfs security related library routines.
34 *
35 * Some of the routines in this file are adopted from
36 * lib/libnsl/netselect/netselect.c and are modified to be
37 * used for accessing /etc/nfssec.conf.
38 */
39
40 /* SVr4.0 1.18 */
41
42 #include <stdio.h>
43 #include <string.h>
44 #include <ctype.h>
45 #include <stdlib.h>
46 #include <syslog.h>
47 #include <synch.h>
48 #include <rpc/rpc.h>
49 #include <nfs/nfs_sec.h>
50 #include <rpc/rpcsec_gss.h>
51 #ifdef WNFS_SEC_NEGO
52 #include "webnfs.h"
53 #endif
54
55 #define GETBYNAME 1
56 #define GETBYNUM 2
57
58 /*
59 * mapping for /etc/nfssec.conf
60 */
61 struct sc_data {
62 char *string;
63 int value;
64 };
65
66 static struct sc_data sc_service[] = {
67 "default", rpc_gss_svc_default,
690 } while (status);
691 free(p);
692 return (SNEGO_SUCCESS);
693 }
694 }
695 return (SNEGO_FAILURE);
696 }
697 #endif
698
699 /*
700 * Get seconfig from /etc/nfssec.conf by name or by number or
701 * by descriptior.
702 */
703 /* ARGSUSED */
704 static int
705 get_seconfig(int whichway, char *name, int num,
706 rpc_gss_service_t service, seconfig_t *entryp)
707 {
708 char line[BUFSIZ]; /* holds each line of NFSSEC_CONF */
709 FILE *fp; /* file stream for NFSSEC_CONF */
710
711 if ((whichway == GETBYNAME) && (name == NULL))
712 return (SC_NOTFOUND);
713
714 (void) mutex_lock(&matching_lock);
715 if ((fp = fopen(NFSSEC_CONF, "r")) == NULL) {
716 (void) mutex_unlock(&matching_lock);
717 return (SC_OPENFAIL);
718 }
719
720 while (fgets(line, BUFSIZ, fp)) {
721 if (!(blank(line) || comment(line))) {
722 switch (whichway) {
723 case GETBYNAME:
724 if (matchname(line, name, entryp)) {
725 goto found;
726 }
727 break;
728
729 case GETBYNUM:
730 if (matchnum(line, num, entryp)) {
731 goto found;
732 }
733 break;
734
735 default:
|
28 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
29 * Use is subject to license terms.
30 */
31
32 /*
33 * nfs security related library routines.
34 *
35 * Some of the routines in this file are adopted from
36 * lib/libnsl/netselect/netselect.c and are modified to be
37 * used for accessing /etc/nfssec.conf.
38 */
39
40 /* SVr4.0 1.18 */
41
42 #include <stdio.h>
43 #include <string.h>
44 #include <ctype.h>
45 #include <stdlib.h>
46 #include <syslog.h>
47 #include <synch.h>
48 #include <zone.h>
49 #include <rpc/rpc.h>
50 #include <nfs/nfs_sec.h>
51 #include <rpc/rpcsec_gss.h>
52 #ifdef WNFS_SEC_NEGO
53 #include "webnfs.h"
54 #endif
55
56 #define GETBYNAME 1
57 #define GETBYNUM 2
58
59 /*
60 * mapping for /etc/nfssec.conf
61 */
62 struct sc_data {
63 char *string;
64 int value;
65 };
66
67 static struct sc_data sc_service[] = {
68 "default", rpc_gss_svc_default,
691 } while (status);
692 free(p);
693 return (SNEGO_SUCCESS);
694 }
695 }
696 return (SNEGO_FAILURE);
697 }
698 #endif
699
700 /*
701 * Get seconfig from /etc/nfssec.conf by name or by number or
702 * by descriptior.
703 */
704 /* ARGSUSED */
705 static int
706 get_seconfig(int whichway, char *name, int num,
707 rpc_gss_service_t service, seconfig_t *entryp)
708 {
709 char line[BUFSIZ]; /* holds each line of NFSSEC_CONF */
710 FILE *fp; /* file stream for NFSSEC_CONF */
711 char nfssec_conf[MAXPATHLEN];
712 const char *zroot = zone_get_nroot();
713
714 if ((whichway == GETBYNAME) && (name == NULL))
715 return (SC_NOTFOUND);
716
717 (void) snprintf(nfssec_conf, sizeof (nfssec_conf), "%s%s", zroot != NULL ?
718 zroot : "", NFSSEC_CONF);
719
720 (void) mutex_lock(&matching_lock);
721 if ((fp = fopen(nfssec_conf, "r")) == NULL) {
722 (void) mutex_unlock(&matching_lock);
723 return (SC_OPENFAIL);
724 }
725
726 while (fgets(line, BUFSIZ, fp)) {
727 if (!(blank(line) || comment(line))) {
728 switch (whichway) {
729 case GETBYNAME:
730 if (matchname(line, name, entryp)) {
731 goto found;
732 }
733 break;
734
735 case GETBYNUM:
736 if (matchnum(line, num, entryp)) {
737 goto found;
738 }
739 break;
740
741 default:
|
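Review bot: The new `(void) snprintf(nfssec_conf, sizeof (nfssec_conf), ...)` in get_seconfig() discards the return value, so a zone root that pushes the result past MAXPATHLEN produces a silently truncated path. The following `fopen(nfssec_conf, "r")` would then either fail or read the security-flavor configuration from a different file than intended. I would check the result before taking matching_lock, e.g. `if (snprintf(nfssec_conf, sizeof (nfssec_conf), "%s%s", zroot != NULL ? zroot : "", NFSSEC_CONF) >= sizeof (nfssec_conf)) return (SC_OPENFAIL);`. MAXPATHLEN is used here but the only include added is `<zone.h>`; unless it already arrives transitively, `<sys/param.h>` should be included explicitly. The body of get_seconfig() continues past the last visible line, so the `found` path and the close/unlock handling are not covered by this note.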