From ac8eb05c5bae434c5da93b417d32b0ecfdb642e4 Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Tue, 21 Sep 2004 18:20:16 +0000 Subject: [PATCH] * configure.in: Check for sockaddr_in.sin_len and sockaddr.sa_len. Check for sys/param.h in case we need NBBY somewhere. * auth.h, svc_auth.h: Namespace cleanup. * svc.h, rpc_commondata.c: New global svc_maxfd. * svc.c (svc_getreqset): Break inner part of loop out into local function svc_do_xprt(). Don't use rpc_dtablesize(); instead, use svc_maxfd. * svc_run.c: Don't use rpc_dtablesize(). * clnt_generic.c, clnt_simple.c, getrpcport.c: * svc_tcp.c, svc_udp.c: Set sockaddr_in.sin_len when available. * ovsec_kadmd.c (kadm_svc_run): Don't use rpc_dtablesize(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16770 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kadmin/server/ChangeLog | 4 + src/kadmin/server/ovsec_kadmd.c | 5 +- src/lib/rpc/ChangeLog | 19 +++ src/lib/rpc/auth.h | 3 +- src/lib/rpc/clnt_generic.c | 5 +- src/lib/rpc/clnt_simple.c | 4 + src/lib/rpc/configure.in | 11 +- src/lib/rpc/getrpcport.c | 4 + src/lib/rpc/rpc_commondata.c | 1 + src/lib/rpc/svc.c | 218 +++++++++++++++++--------------- src/lib/rpc/svc.h | 1 + src/lib/rpc/svc_auth.h | 22 ++-- src/lib/rpc/svc_run.c | 7 +- src/lib/rpc/svc_tcp.c | 5 +- src/lib/rpc/svc_udp.c | 3 + 15 files changed, 193 insertions(+), 119 deletions(-) diff --git a/src/kadmin/server/ChangeLog b/src/kadmin/server/ChangeLog index 5b5464565..df708f813 100644 --- a/src/kadmin/server/ChangeLog +++ b/src/kadmin/server/ChangeLog @@ -1,3 +1,7 @@ +2004-09-21 Tom Yu + + * ovsec_kadmd.c (kadm_svc_run): Don't use rpc_dtablesize(). + 2004-08-20 Alexandra Ellwood * ovsec_kadmd.c (main), server_stubs.c (*): diff --git a/src/kadmin/server/ovsec_kadmd.c b/src/kadmin/server/ovsec_kadmd.c index a880360e3..8709198d6 100644 --- a/src/kadmin/server/ovsec_kadmd.c +++ b/src/kadmin/server/ovsec_kadmd.c @@ -682,7 +682,6 @@ void kadm_svc_run(params) kadm5_config_params *params; { fd_set rfd; - int sz = gssrpc__rpc_dtablesize(); struct timeval timeout; while(signal_request_exit == 0) { @@ -709,7 +708,9 @@ kadm5_config_params *params; timeout.tv_usec = 0; rfd = svc_fdset; FD_SET(schpw, &rfd); - switch(select(sz, (fd_set *) &rfd, NULL, NULL, &timeout)) { +#define max(a, b) (((a) > (b)) ? (a) : (b)) + switch(select(max(schpw, svc_maxfd) + 1, + (fd_set *) &rfd, NULL, NULL, &timeout)) { case -1: if(errno == EINTR) continue; diff --git a/src/lib/rpc/ChangeLog b/src/lib/rpc/ChangeLog index b2ddbe971..5344f526a 100644 --- a/src/lib/rpc/ChangeLog +++ b/src/lib/rpc/ChangeLog @@ -1,3 +1,22 @@ +2004-09-21 Tom Yu + + * configure.in: Check for sockaddr_in.sin_len and + sockaddr.sa_len. Check for sys/param.h in case we need NBBY + somewhere. + + * auth.h, svc_auth.h: Namespace cleanup. + + * svc.h, rpc_commondata.c: New global svc_maxfd. + + * svc.c (svc_getreqset): Break inner part of loop out into + local function svc_do_xprt(). Don't use rpc_dtablesize(); + instead, use svc_maxfd. + + * svc_run.c: Don't use rpc_dtablesize(). + + * clnt_generic.c, clnt_simple.c, getrpcport.c: + * svc_tcp.c, svc_udp.c: Set sockaddr_in.sin_len when available. + 2004-09-17 Tom Yu * libgssrpc.exports: Don't export internals. diff --git a/src/lib/rpc/auth.h b/src/lib/rpc/auth.h index 41cd95510..cc3de9764 100644 --- a/src/lib/rpc/auth.h +++ b/src/lib/rpc/auth.h @@ -172,9 +172,10 @@ typedef struct AUTH { ((*((auth)->ah_ops->ah_destroy))(auth)) +#ifdef GSSRPC__IMPL /* RENAMED: should be _null_auth if we can use reserved namespace. */ extern struct opaque_auth gssrpc__null_auth; - +#endif /* * These are the various implementations of client side authenticators. diff --git a/src/lib/rpc/clnt_generic.c b/src/lib/rpc/clnt_generic.c index 8c5fe3cbb..225ab9432 100644 --- a/src/lib/rpc/clnt_generic.c +++ b/src/lib/rpc/clnt_generic.c @@ -71,9 +71,12 @@ clnt_create( rpc_createerr.cf_error.re_errno = EAFNOSUPPORT; return (NULL); } + memset(&sockin, 0, sizeof(sockin)); +#if HAVE_STRUCT_SOCKADDR_IN_SIN_LEN + sockin.sin_len = sizeof(sockin); +#endif sockin.sin_family = h->h_addrtype; sockin.sin_port = 0; - memset(sockin.sin_zero, 0, sizeof(sockin.sin_zero)); memmove((char*)&sockin.sin_addr, h->h_addr, sizeof(sockin.sin_addr)); p = getprotobyname(proto); if (p == NULL) { diff --git a/src/lib/rpc/clnt_simple.c b/src/lib/rpc/clnt_simple.c index ebb2fee7d..317fbe5dd 100644 --- a/src/lib/rpc/clnt_simple.c +++ b/src/lib/rpc/clnt_simple.c @@ -98,8 +98,12 @@ callrpc( return ((int) RPC_UNKNOWNHOST); timeout.tv_usec = 0; timeout.tv_sec = 5; + memset(&server_addr, 0, sizeof(server_addr)); memmove((char *)&server_addr.sin_addr, hp->h_addr, sizeof(server_addr.sin_addr)); +#if HAVE_STRUCT_SOCKADDR_IN_SIN_LEN + server_addr.sin_len = sizeof(server_addr); +#endif server_addr.sin_family = AF_INET; server_addr.sin_port = 0; if ((crp->client = clntudp_create(&server_addr, prognum, diff --git a/src/lib/rpc/configure.in b/src/lib/rpc/configure.in index 404840649..31eaf1807 100644 --- a/src/lib/rpc/configure.in +++ b/src/lib/rpc/configure.in @@ -1,7 +1,7 @@ AC_INIT(auth_gssapi.c) CONFIG_RULES AC_CONFIG_SUBDIRS(unit-test) -AC_CHECK_HEADERS(sys/uio.h) +AC_CHECK_HEADERS(sys/uio.h sys/param.h) AC_TYPE_GETGROUPS ### Check where struct rpcent is declared. # @@ -137,6 +137,15 @@ fi AC_SUBST(GSSRPC__BSD_TYPEALIASES) AC_CHECK_FUNCS(strerror) +# +# sockaddr length field checks +# +AC_CHECK_MEMBERS([struct sockaddr_in.sin_len], , , + [#include +@%:@include ]) +AC_CHECK_MEMBERS([struct sockaddr.sa_len], , , + [#include +@%:@include ]) AC_MSG_CHECKING([return type of setrpcent]) AC_CACHE_VAL(k5_cv_type_setrpcent, diff --git a/src/lib/rpc/getrpcport.c b/src/lib/rpc/getrpcport.c index e40401726..4890d582c 100644 --- a/src/lib/rpc/getrpcport.c +++ b/src/lib/rpc/getrpcport.c @@ -54,7 +54,11 @@ gssrpc_getrpcport( if ((hp = gethostbyname(host)) == NULL) return (0); + memset(&addr, 0, sizeof(addr)); memmove((char *) &addr.sin_addr, hp->h_addr, sizeof(addr.sin_addr)); +#if HAVE_STRUCT_SOCKADDR_IN_SIN_LEN + addr.sin_len = sizeof(addr); +#endif addr.sin_family = AF_INET; addr.sin_port = 0; return (pmap_getport(&addr, prognum, versnum, proto)); diff --git a/src/lib/rpc/rpc_commondata.c b/src/lib/rpc/rpc_commondata.c index dc3df925c..882b6a4ea 100644 --- a/src/lib/rpc/rpc_commondata.c +++ b/src/lib/rpc/rpc_commondata.c @@ -44,3 +44,4 @@ int gssrpc_svc_fdset_init = 0; int svc_fds = 0; #endif /* def FD_SETSIZE */ struct rpc_createerr rpc_createerr = {RPC_SUCCESS}; +int svc_maxfd = -1; diff --git a/src/lib/rpc/svc.c b/src/lib/rpc/svc.c index 523ef2f6d..7d2be1c1a 100644 --- a/src/lib/rpc/svc.c +++ b/src/lib/rpc/svc.c @@ -41,7 +41,9 @@ static char sccsid[] = "@(#)svc.c 1.41 87/10/13 Copyr 1984 Sun Micro"; * Copyright (C) 1984, Sun Microsystems, Inc. */ -#include +#if HAVE_SYS_PARAM_H +#include +#endif #include #include #include @@ -50,16 +52,20 @@ static char sccsid[] = "@(#)svc.c 1.41 87/10/13 Copyr 1984 Sun Micro"; #ifdef FD_SETSIZE static SVCXPRT **xports; -static int max_xport = 0; extern int gssrpc_svc_fdset_init; #else -#define NOFILE 32 + +#ifdef NBBY +#define NOFILE (sizeof(int) * NBBY) +#else +#define NOFILE (sizeof(int) * 8) +#endif static SVCXPRT *xports[NOFILE]; #endif /* def FD_SETSIZE */ #define NULL_SVC ((struct svc_callout *)0) -#define RQCRED_SIZE 400 /* this size is excessive */ +#define RQCRED_SIZE 1024 /* this size is excessive */ /* * The services list @@ -77,6 +83,8 @@ static struct svc_callout { static struct svc_callout *svc_find(rpcprog_t, rpcvers_t, struct svc_callout **); +static void svc_do_xprt(SVCXPRT *xprt); + /* *************** SVCXPRT related stuff **************** */ /* @@ -89,19 +97,17 @@ xprt_register(SVCXPRT *xprt) #ifdef FD_SETSIZE if (gssrpc_svc_fdset_init == 0) { - FD_ZERO(&svc_fdset); - gssrpc_svc_fdset_init++; + FD_ZERO(&svc_fdset); + gssrpc_svc_fdset_init++; } if (xports == NULL) { xports = (SVCXPRT **) mem_alloc(FD_SETSIZE * sizeof(SVCXPRT *)); memset(xports, 0, FD_SETSIZE * sizeof(SVCXPRT *)); } - if (sock < gssrpc__rpc_dtablesize()) { + if (sock < FD_SETSIZE) { xports[sock] = xprt; FD_SET(sock, &svc_fdset); - if (max_xport < sock) - max_xport = sock; } #else if (sock < NOFILE) { @@ -109,7 +115,8 @@ xprt_register(SVCXPRT *xprt) svc_fds |= (1 << sock); } #endif /* def FD_SETSIZE */ - + if (sock > svc_maxfd) + svc_maxfd = sock; } /* @@ -121,13 +128,9 @@ xprt_unregister(SVCXPRT *xprt) register int sock = xprt->xp_sock; #ifdef FD_SETSIZE - if ((sock < gssrpc__rpc_dtablesize()) && (xports[sock] == xprt)) { + if ((sock < FD_SETSIZE) && (xports[sock] == xprt)) { xports[sock] = (SVCXPRT *)0; FD_CLR(sock, &svc_fdset); - if (max_xport <= sock) { - while ((max_xport > 0) && xports[max_xport] == 0) - max_xport--; - } } #else if ((sock < NOFILE) && (xports[sock] == xprt)) { @@ -135,6 +138,10 @@ xprt_unregister(SVCXPRT *xprt) svc_fds &= ~(1 << sock); } #endif /* def FD_SETSIZE */ + if (svc_maxfd <= sock) { + while ((svc_maxfd > 0) && xports[svc_maxfd] == 0) + svc_maxfd--; + } } @@ -393,28 +400,53 @@ svc_getreq(int rdfds) #endif /* def FD_SETSIZE */ } -void -svc_getreqset( #ifdef FD_SETSIZE - fd_set *readfds +#define FDSET_TYPE fd_set #else - int *readfds -#endif /* def FD_SETSIZE */ - ) +#define FDSET_TYPE int +#endif + +void +svc_getreqset(FDSET_TYPE *readfds) { #ifndef FD_SETSIZE int readfds_local = *readfds; #endif - enum xprt_stat stat; + register SVCXPRT *xprt; + register int sock; + +#ifdef FD_SETSIZE + for (sock = 0; sock <= svc_maxfd; sock++) { + if (!FD_ISSET(sock, readfds)) + continue; + /* sock has input waiting */ + xprt = xports[sock]; + /* now receive msgs from xprtprt (support batch calls) */ + svc_do_xprt(xprt); + } +#else + for (sock = 0; readfds_local != 0; sock++, readfds_local >>= 1) { + if ((readfds_local & 1) == 0) + continue; + /* sock has input waiting */ + xprt = xports[sock]; + /* now receive msgs from xprtprt (support batch calls) */ + svc_do_xprt(xprt); + } +#endif +} + +static void +svc_do_xprt(SVCXPRT *xprt) +{ + caddr_t rawcred, rawverf, cookedcred; struct rpc_msg msg; + struct svc_req r; + bool_t no_dispatch; int prog_found; rpcvers_t low_vers; rpcvers_t high_vers; - struct svc_req r; - register SVCXPRT *xprt; - register int sock; - bool_t no_dispatch; - caddr_t rawcred, rawverf, cookedcred; + enum xprt_stat stat; rawcred = mem_alloc(MAX_AUTH_BYTES); rawverf = mem_alloc(MAX_AUTH_BYTES); @@ -427,81 +459,67 @@ svc_getreqset( msg.rm_call.cb_verf.oa_base = rawverf; r.rq_clntcred = cookedcred; -#ifdef FD_SETSIZE -#define loopcond (sock <= max_xport) -#define loopincr (sock++) -#define sockready (FD_ISSET(sock, readfds)) -#else -#define loopcond (readfds_local !=0) -#define loopincr (sock++, readfds_local >>= 1) -#define sockready ((readfds_local & 1) != 0) -#endif + do { + register struct svc_callout *s; + enum auth_stat why; - for (sock = 0; loopcond; loopincr) { - if (sockready) { - /* sock has input waiting */ - xprt = xports[sock]; - /* now receive msgs from xprtprt (support batch calls) */ - do { - if (SVC_RECV(xprt, &msg)) { - - /* now find the exported program and call it */ - register struct svc_callout *s; - enum auth_stat why; - - r.rq_xprt = xprt; - r.rq_prog = msg.rm_call.cb_prog; - r.rq_vers = msg.rm_call.cb_vers; - r.rq_proc = msg.rm_call.cb_proc; - r.rq_cred = msg.rm_call.cb_cred; - - no_dispatch = FALSE; - - /* first authenticate the message */ - why=gssrpc__authenticate(&r, &msg, &no_dispatch); - if (why != AUTH_OK) { - svcerr_auth(xprt, why); - goto call_done; - } else if (no_dispatch) { - goto call_done; - } - - /* now match message with a registered service*/ - prog_found = FALSE; - low_vers = (rpcvers_t) -1L; - high_vers = 0; - for (s = svc_head; s != NULL_SVC; s = s->sc_next) { - if (s->sc_prog == r.rq_prog) { - if (s->sc_vers == r.rq_vers) { - (*s->sc_dispatch)(&r, xprt); - goto call_done; - } /* found correct version */ - prog_found = TRUE; - if (s->sc_vers < low_vers) - low_vers = s->sc_vers; - if (s->sc_vers > high_vers) - high_vers = s->sc_vers; - } /* found correct program */ - } - /* - * if we got here, the program or version - * is not served ... - */ - if (prog_found) - svcerr_progvers(xprt, + if (!SVC_RECV(xprt, &msg)) + goto call_done; + + /* now find the exported program and call it */ + + r.rq_xprt = xprt; + r.rq_prog = msg.rm_call.cb_prog; + r.rq_vers = msg.rm_call.cb_vers; + r.rq_proc = msg.rm_call.cb_proc; + r.rq_cred = msg.rm_call.cb_cred; + + no_dispatch = FALSE; + + /* first authenticate the message */ + why = gssrpc__authenticate(&r, &msg, &no_dispatch); + if (why != AUTH_OK) { + svcerr_auth(xprt, why); + goto call_done; + } else if (no_dispatch) { + goto call_done; + } + + /* now match message with a registered service*/ + prog_found = FALSE; + low_vers = (rpcvers_t) -1L; + high_vers = 0; + for (s = svc_head; s != NULL_SVC; s = s->sc_next) { + if (s->sc_prog == r.rq_prog) { + if (s->sc_vers == r.rq_vers) { + (*s->sc_dispatch)(&r, xprt); + goto call_done; + } /* found correct version */ + prog_found = TRUE; + if (s->sc_vers < low_vers) + low_vers = s->sc_vers; + if (s->sc_vers > high_vers) + high_vers = s->sc_vers; + } /* found correct program */ + } + /* + * if we got here, the program or version + * is not served ... + */ + if (prog_found) + svcerr_progvers(xprt, low_vers, high_vers); - else - svcerr_noprog(xprt); - /* Fall through to ... */ - } - call_done: - if ((stat = SVC_STAT(xprt)) == XPRT_DIED){ - SVC_DESTROY(xprt); - break; - } - } while (stat == XPRT_MOREREQS); - } - } + else + svcerr_noprog(xprt); + /* Fall through to ... */ + + call_done: + if ((stat = SVC_STAT(xprt)) == XPRT_DIED){ + SVC_DESTROY(xprt); + break; + } + } while (stat == XPRT_MOREREQS); + mem_free(rawcred, MAX_AUTH_BYTES); mem_free(rawverf, MAX_AUTH_BYTES); mem_free(cookedcred, RQCRED_SIZE); diff --git a/src/lib/rpc/svc.h b/src/lib/rpc/svc.h index 360e5cbf6..b66353540 100644 --- a/src/lib/rpc/svc.h +++ b/src/lib/rpc/svc.h @@ -281,6 +281,7 @@ extern fd_set svc_fdset; #else extern int svc_fds; #endif /* def FD_SETSIZE */ +extern int svc_maxfd; /* * a small program implemented by the svc_rpc implementation itself; diff --git a/src/lib/rpc/svc_auth.h b/src/lib/rpc/svc_auth.h index 2863b8fd2..541aa4514 100644 --- a/src/lib/rpc/svc_auth.h +++ b/src/lib/rpc/svc_auth.h @@ -59,6 +59,8 @@ typedef struct SVCAUTH { void * svc_ah_private; } SVCAUTH; +#ifdef GSSRPC__IMPL + extern SVCAUTH svc_auth_none; extern struct svc_auth_ops svc_auth_none_ops; @@ -78,17 +80,6 @@ extern enum auth_stat gssrpc__authenticate(struct svc_req *rqst, ((*((auth)->svc_ah_ops->svc_ah_unwrap))(auth, xdrs, xfunc, xwhere)) #define SVCAUTH_DESTROY(auth) \ ((*((auth)->svc_ah_ops->svc_ah_destroy))(auth)) - -/* - * Approved way of getting principal of caller - */ -char *svcauth_gss_get_principal(SVCAUTH *auth); -/* - * Approved way of setting server principal - */ -bool_t svcauth_gss_set_svc_name(gss_name_t name); - -#ifdef GSSRPC__IMPL /* no authentication */ /* RENAMED: should be _svcauth_none. */ @@ -112,6 +103,15 @@ enum auth_stat gssrpc__svcauth_gss(struct svc_req *, #endif /* defined(GSSRPC__IMPL) */ +/* + * Approved way of getting principal of caller + */ +char *svcauth_gss_get_principal(SVCAUTH *auth); +/* + * Approved way of setting server principal + */ +bool_t svcauth_gss_set_svc_name(gss_name_t name); + GSSRPC__END_DECLS #endif /* !defined(GSSRPC_SVC_AUTH_H) */ diff --git a/src/lib/rpc/svc_run.c b/src/lib/rpc/svc_run.c index f87a1e12f..b661f88b3 100644 --- a/src/lib/rpc/svc_run.c +++ b/src/lib/rpc/svc_run.c @@ -36,16 +36,19 @@ static char sccsid[] = "@(#)svc_run.c 1.1 87/10/13 Copyr 1984 Sun Micro"; * This is the rpc server side idle loop * Wait for input, call server program. */ + #include #include +extern int svc_maxfd; + void svc_run(void) { #ifdef FD_SETSIZE fd_set readfds; #else - int readfds; + int readfds; #endif /* def FD_SETSIZE */ for (;;) { @@ -54,7 +57,7 @@ svc_run(void) #else readfds = svc_fds; #endif /* def FD_SETSIZE */ - switch (select(gssrpc__rpc_dtablesize(), &readfds, (fd_set *)0, + switch (select(svc_maxfd + 1, &readfds, (fd_set *)0, (fd_set *)0, (struct timeval *)0)) { case -1: if (errno == EINTR) { diff --git a/src/lib/rpc/svc_tcp.c b/src/lib/rpc/svc_tcp.c index 95ab9febc..ce9bb35af 100644 --- a/src/lib/rpc/svc_tcp.c +++ b/src/lib/rpc/svc_tcp.c @@ -145,6 +145,9 @@ svctcp_create( madesock = TRUE; } memset((char *)&addr, 0, sizeof (addr)); +#if HAVE_STRUCT_SOCKADDR_IN_SIN_LEN + addr.sin_len = sizeof(addr); +#endif addr.sin_family = AF_INET; if (bindresvport(sock, &addr)) { addr.sin_port = 0; @@ -338,7 +341,7 @@ readtcp( do { readfds = mask; tout = wait_per_try; - if (select(gssrpc__rpc_dtablesize(), &readfds, (fd_set*)NULL, + if (select(sock + 1, &readfds, (fd_set*)NULL, (fd_set*)NULL, &tout) <= 0) { if (errno == EINTR) { continue; diff --git a/src/lib/rpc/svc_udp.c b/src/lib/rpc/svc_udp.c index 3cc3147cb..16eb5f01a 100644 --- a/src/lib/rpc/svc_udp.c +++ b/src/lib/rpc/svc_udp.c @@ -120,6 +120,9 @@ svcudp_bufcreate( madesock = TRUE; } memset((char *)&addr, 0, sizeof (addr)); +#if HAVE_STRUCT_SOCKADDR_IN_SIN_LEN + addr.sin_len = sizeof(addr); +#endif addr.sin_family = AF_INET; if (bindresvport(sock, &addr)) { addr.sin_port = 0; -- 2.26.2