Changeset View
Changeset View
Standalone View
Standalone View
sys/rpc/svc_auth.c
Show First 20 Lines • Show All 191 Lines • ▼ Show 20 Lines | svc_getcred(struct svc_req *rqst, struct ucred **crp, int *flavorp) | ||||
*/ | */ | ||||
if ((xprt->xp_tls & (RPCTLS_FLAGS_CERTUSER | | if ((xprt->xp_tls & (RPCTLS_FLAGS_CERTUSER | | ||||
RPCTLS_FLAGS_DISABLED)) == RPCTLS_FLAGS_CERTUSER && | RPCTLS_FLAGS_DISABLED)) == RPCTLS_FLAGS_CERTUSER && | ||||
flavor == AUTH_UNIX) { | flavor == AUTH_UNIX) { | ||||
cr = crget(); | cr = crget(); | ||||
cr->cr_uid = cr->cr_ruid = cr->cr_svuid = xprt->xp_uid; | cr->cr_uid = cr->cr_ruid = cr->cr_svuid = xprt->xp_uid; | ||||
crsetgroups(cr, xprt->xp_ngrps, xprt->xp_gidp); | crsetgroups(cr, xprt->xp_ngrps, xprt->xp_gidp); | ||||
cr->cr_rgid = cr->cr_svgid = xprt->xp_gidp[0]; | cr->cr_rgid = cr->cr_svgid = xprt->xp_gidp[0]; | ||||
cr->cr_prison = &prison0; | cr->cr_prison = curthread->td_ucred->cr_prison; | ||||
prison_hold(cr->cr_prison); | prison_hold(cr->cr_prison); | ||||
*crp = cr; | *crp = cr; | ||||
return (TRUE); | return (TRUE); | ||||
} | } | ||||
switch (flavor) { | switch (flavor) { | ||||
case AUTH_UNIX: | case AUTH_UNIX: | ||||
xcr = (struct xucred *) rqst->rq_clntcred; | xcr = (struct xucred *) rqst->rq_clntcred; | ||||
cr = crget(); | cr = crget(); | ||||
cr->cr_uid = cr->cr_ruid = cr->cr_svuid = xcr->cr_uid; | cr->cr_uid = cr->cr_ruid = cr->cr_svuid = xcr->cr_uid; | ||||
crsetgroups(cr, xcr->cr_ngroups, xcr->cr_groups); | crsetgroups(cr, xcr->cr_ngroups, xcr->cr_groups); | ||||
cr->cr_rgid = cr->cr_svgid = cr->cr_groups[0]; | cr->cr_rgid = cr->cr_svgid = cr->cr_groups[0]; | ||||
cr->cr_prison = &prison0; | cr->cr_prison = curthread->td_ucred->cr_prison; | ||||
prison_hold(cr->cr_prison); | prison_hold(cr->cr_prison); | ||||
*crp = cr; | *crp = cr; | ||||
return (TRUE); | return (TRUE); | ||||
case RPCSEC_GSS: | case RPCSEC_GSS: | ||||
if (!_svcauth_rpcsec_gss_getcred) | if (!_svcauth_rpcsec_gss_getcred) | ||||
return (FALSE); | return (FALSE); | ||||
return (_svcauth_rpcsec_gss_getcred(rqst, crp, flavorp)); | return (_svcauth_rpcsec_gss_getcred(rqst, crp, flavorp)); | ||||
default: | default: | ||||
return (FALSE); | return (FALSE); | ||||
} | } | ||||
} | } | ||||