diff options
author | Ulrich Drepper <drepper@redhat.com> | 1998-07-28 16:26:04 +0000 |
---|---|---|
committer | Ulrich Drepper <drepper@redhat.com> | 1998-07-28 16:26:04 +0000 |
commit | e852e889444a8bf27f3e5075d064e9922b38e7e2 (patch) | |
tree | 75d2d4b1010a26d723daefef7909d1a6355929bc /sunrpc/key_call.c | |
parent | c9243dacea19b7dcf36bb69ca83877d3ea905831 (diff) | |
download | glibc-e852e889444a8bf27f3e5075d064e9922b38e7e2.tar.gz |
Update.
1998-07-28 Ulrich Drepper <drepper@cygnus.com>
* math/libm-test.c (tgamma_test): Remove redundant tests.
1998-07-28 16:20 Ulrich Drepper <drepper@cygnus.com>
* sysdeps/generic/glob.c: Correct problems with */foo and GLOB_NOCHECK
where foo does not exist in any of the subdirectories.
Reported by Paul D. Smith <psmith@BayNetworks.COM>.
* posix/globtest.sh: Add test for this bug.
1998-07-28 Mark Kettenis <kettenis@phys.uva.nl>
* io/sys/statfs.h: Fix typos.
* io/sys/statvfs.h: Fix typos.
1998-07-28 Ulrich Drepper <drepper@cygnus.com>
* version.h (VERSION): Bump to 2.0.95.
* math/Makefile (libm-calls): Remove w_gamma, add w_tgamma.
* math/Versions [GLIBC_2.1]: Add tgamma, tgammaf, and tgammal.
* math/libm-test.c: Split old gamma_test and move half of it in new
function tgamma_test.
* math/bits/mathcalls.h: Add declaration of tgamma.
* sysdeps/libm-ieee754/k_standard.c: Change gamma errors into
tgamma errors.
* sysdeps/libm-ieee754/w_gamma.c: Remove lgamma compatibility code
and rename to ...
* sysdeps/libm-ieee754/w_tgamma.c: ... this. New file.
* sysdeps/libm-ieee754/w_gammaf.c: Remove lgammaf compatibility code
and rename to ...
* sysdeps/libm-ieee754/w_tgammaf.c: ... this. New file.
* sysdeps/libm-ieee754/w_gammal.c: Remove lgammal compatibility code
and rename to ...
* sysdeps/libm-ieee754/w_tgammal.c: ... this. New file.
* sysdeps/libm-ieee754/w_lgamma.c: Add gamma as weak alias.
* sysdeps/libm-ieee754/w_lgammaf.c: Likewise.
* sysdeps/libm-ieee754/w_lgammal.c: Likewise.
* stgdio-common/printf-parse.h: Implement handling of j, t, and z
modifiers.
* stdio-common/vfprintf.c: Likewise.
* stdio-common/vfscanf.c: Likewise.
* manual/stdio.texi: Document new printf/scanf modifiers.
* sysdeps/unix/sysv/linux/recvmsg.c: Remove alias __recvmsg.
* sysdeps/unix/sysv/linux/sendmsg.c: Remove alias __sendmsg.
1998-07-28 Thorsten Kukuk <kukuk@vt.uni-paderborn.de>
* sunrpc/Makefile (routines): Add clnt_unix and svc_unix.
* sunrpc/Versions: Add new *unix_create functions.
* sunrpc/clnt_gen.c: Add support for RPC over AF_UNIX.
* sunrpc/clnt_unix.c: New, client side of RPC over AF_UNIX.
* sunrpc/key_call.c: Use RPC over AF_UNIX for communication
with keyserv daemon.
* sunrpc/rpc/clnt.h: Add AF_UNIX based RPC function prototypes.
* sunrpc/rpc/svc.h: Likewise.
* sunrpc/svc_authux.c: Copy internal auth flavor if none is given.
* sunrpc/svc_tcp.c: Fix typos.
* sunrpc/svc_unix.c: New, server side of AF_UNIX based RPC.
* nis/Makefile: Remove currently not working cache functions.
* nis/Versions: Add __nisbind_* functions for rpc.nisd.
* nis/nis_call.c: Rewrite binding to a NIS+ server to reuse
CLIENT handles.
* nis/nis_file.c: Fix memory leaks.
* nis/nis_intern.h: Move internal structs from here ...
* nis/rpcsvc/nislib.h: ... to here for NIS+ server and tools.
* nis/nis_lookup.c: Try at first if last client handle works.
* nis/nis_table.c: Likewise.
* nis/nis_checkpoint.c: Adjust __do_niscall2 parameters.
* nis/nis_mkdir.c: Likewise.
* nis/nis_ping.c: Likewise.
* nis/nis_rmdir.c: Likewise.
* nis/nis_server.c: Likewise.
* nis/nis_util.c: Likewise.
* nis/nis_findserv.c (__nis_findfastest): Little optimization.
1998-07-28 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* stdlib/strtol.c (STRTOL_LONG_MAX): Correct typo in last patch -
define as LONG_MAX.
1998-07-28 09:31 Ulrich Drepper <drepper@cygnus.com>
* nscd/connections.c (gr_send_answer): Deal with missing UIO_MAXIOV.
Correct test whether writev send all data.
* nscd/nscd_getgr_r.c (__nscd_getgr_r): Correct test whether readv
received all data.
1998-07-28 Mark Kettenis <kettenis@phys.uva.nl>
* nscd/nscd_getgr_r.c (__nscd_getgr_r): Deal with missing UIO_MAXIOV.
1998-07-28 Mark Kettenis <kettenis@phys.uva.nl>
* sysdeps/mach/hurd/dl-sysdep.c (open_file): Change assert call to
allow mode to be 0.
(__xstat): New function.
(__fxstat): New function.
(_dl_sysdep_read_whole_file): Removed. The implementation in
`elf/dl-misc.c' now also works for the Hurd.
Diffstat (limited to 'sunrpc/key_call.c')
-rw-r--r-- | sunrpc/key_call.c | 200 |
1 files changed, 176 insertions, 24 deletions
diff --git a/sunrpc/key_call.c b/sunrpc/key_call.c index e59a8b7a37..0219eaf5ad 100644 --- a/sunrpc/key_call.c +++ b/sunrpc/key_call.c @@ -38,6 +38,7 @@ #include <stdio.h> #include <errno.h> +#include <fcntl.h> #include <signal.h> #include <unistd.h> #include <string.h> @@ -47,6 +48,7 @@ #include <sys/param.h> #include <sys/socket.h> #include <rpc/key_prot.h> +#include <bits/libc-lock.h> #define KEY_TIMEOUT 5 /* per-try timeout in seconds */ #define KEY_NRETRY 12 /* number of retries */ @@ -268,8 +270,8 @@ des_block *(*__key_gendes_LOCAL) (uid_t, char *) = 0; static int internal_function -key_call (u_long proc, xdrproc_t xdr_arg, char *arg, - xdrproc_t xdr_rslt, char *rslt) +key_call_keyenvoy (u_long proc, xdrproc_t xdr_arg, char *arg, + xdrproc_t xdr_rslt, char *rslt) { XDR xdrargs; XDR xdrrslt; @@ -283,28 +285,6 @@ key_call (u_long proc, xdrproc_t xdr_arg, char *arg, uid_t euid; static char MESSENGER[] = "/usr/etc/keyenvoy"; - if (proc == KEY_ENCRYPT_PK && __key_encryptsession_pk_LOCAL) - { - cryptkeyres *res; - res = (*__key_encryptsession_pk_LOCAL) (__geteuid (), arg); - *(cryptkeyres *) rslt = *res; - return 1; - } - else if (proc == KEY_DECRYPT_PK && __key_decryptsession_pk_LOCAL) - { - cryptkeyres *res; - res = (*__key_decryptsession_pk_LOCAL) (__geteuid (), arg); - *(cryptkeyres *) rslt = *res; - return 1; - } - else if (proc == KEY_GEN && __key_gendes_LOCAL) - { - des_block *res; - res = (*__key_gendes_LOCAL) (__geteuid (), 0); - *(des_block *) rslt = *res; - return 1; - } - success = 1; sigemptyset (&mask); sigaddset (&mask, SIGCHLD); @@ -365,3 +345,175 @@ key_call (u_long proc, xdrproc_t xdr_arg, char *arg, return success; } + +struct key_call_private { + CLIENT *client; /* Client handle */ + pid_t pid; /* process-id at moment of creation */ + uid_t uid; /* user-id at last authorization */ +}; +static struct key_call_private *key_call_private_main = NULL; +__libc_lock_define_initialized (static, keycall_lock) + +/* + * Keep the handle cached. This call may be made quite often. + */ +static CLIENT * +getkeyserv_handle (int vers) +{ + struct key_call_private *kcp = key_call_private_main; + struct timeval wait_time; + int fd; + struct sockaddr_un name; + int namelen = sizeof(struct sockaddr_un); + +#define TOTAL_TIMEOUT 30 /* total timeout talking to keyserver */ +#define TOTAL_TRIES 5 /* Number of tries */ + + if (kcp == (struct key_call_private *)NULL) + { + kcp = (struct key_call_private *)malloc (sizeof (*kcp)); + if (kcp == (struct key_call_private *)NULL) + return (CLIENT *) NULL; + + key_call_private_main = kcp; + kcp->client = NULL; + } + + /* if pid has changed, destroy client and rebuild */ + if (kcp->client != NULL && kcp->pid != __getpid ()) + { + clnt_destroy (kcp->client); + kcp->client = NULL; + } + + if (kcp->client != NULL) + { + /* if other side closed socket, build handle again */ + clnt_control (kcp->client, CLGET_FD, (char *)&fd); + if (getpeername (fd,(struct sockaddr *)&name,&namelen) == -1) + { + auth_destroy (kcp->client->cl_auth); + clnt_destroy (kcp->client); + kcp->client = NULL; + } + } + + if (kcp->client != NULL) + { + /* if uid has changed, build client handle again */ + if (kcp->uid != __geteuid ()) + { + kcp->uid = __geteuid (); + auth_destroy (kcp->client->cl_auth); + kcp->client->cl_auth = + authunix_create ((char *)"", kcp->uid, 0, 0, NULL); + if (kcp->client->cl_auth == NULL) + { + clnt_destroy (kcp->client); + kcp->client = NULL; + return ((CLIENT *) NULL); + } + } + /* Change the version number to the new one */ + clnt_control (kcp->client, CLSET_VERS, (void *)&vers); + return kcp->client; + } + + if ((kcp->client == (CLIENT *) NULL)) + /* Use the AF_UNIX transport */ + kcp->client = clnt_create ("/var/run/keyservsock", KEY_PROG, vers, "unix"); + + if (kcp->client == (CLIENT *) NULL) + return (CLIENT *) NULL; + + kcp->uid = __geteuid (); + kcp->pid = __getpid (); + kcp->client->cl_auth = authunix_create ((char *)"", kcp->uid, 0, 0, NULL); + if (kcp->client->cl_auth == NULL) + { + clnt_destroy (kcp->client); + kcp->client = NULL; + return (CLIENT *) NULL; + } + + wait_time.tv_sec = TOTAL_TIMEOUT/TOTAL_TRIES; + wait_time.tv_usec = 0; + clnt_control (kcp->client, CLSET_RETRY_TIMEOUT, + (char *)&wait_time); + if (clnt_control (kcp->client, CLGET_FD, (char *)&fd)) + fcntl (fd, F_SETFD, 1); /* make it "close on exec" */ + + return kcp->client; +} + +/* returns 0 on failure, 1 on success */ +static int +internal_function +key_call_socket (u_long proc, xdrproc_t xdr_arg, char *arg, + xdrproc_t xdr_rslt, char *rslt) +{ + CLIENT *clnt; + struct timeval wait_time; + int result = 0; + + __libc_lock_lock (keycall_lock); + if ((proc == KEY_ENCRYPT_PK) || (proc == KEY_DECRYPT_PK) || + (proc == KEY_NET_GET) || (proc == KEY_NET_PUT) || + (proc == KEY_GET_CONV)) + clnt = getkeyserv_handle(2); /* talk to version 2 */ + else + clnt = getkeyserv_handle(1); /* talk to version 1 */ + + if (clnt != NULL) + { + wait_time.tv_sec = TOTAL_TIMEOUT; + wait_time.tv_usec = 0; + + if (clnt_call (clnt, proc, xdr_arg, arg, xdr_rslt, rslt, + wait_time) == RPC_SUCCESS) + result = 1; + } + + __libc_lock_unlock (keycall_lock); + + return result; +} + +/* returns 0 on failure, 1 on success */ +static int +internal_function +key_call (u_long proc, xdrproc_t xdr_arg, char *arg, + xdrproc_t xdr_rslt, char *rslt) +{ + static int use_keyenvoy = 0; + + if (proc == KEY_ENCRYPT_PK && __key_encryptsession_pk_LOCAL) + { + cryptkeyres *res; + res = (*__key_encryptsession_pk_LOCAL) (__geteuid (), arg); + *(cryptkeyres *) rslt = *res; + return 1; + } + else if (proc == KEY_DECRYPT_PK && __key_decryptsession_pk_LOCAL) + { + cryptkeyres *res; + res = (*__key_decryptsession_pk_LOCAL) (__geteuid (), arg); + *(cryptkeyres *) rslt = *res; + return 1; + } + else if (proc == KEY_GEN && __key_gendes_LOCAL) + { + des_block *res; + res = (*__key_gendes_LOCAL) (__geteuid (), 0); + *(des_block *) rslt = *res; + return 1; + } + + if (!use_keyenvoy) + { + if (key_call_socket (proc, xdr_arg, arg, xdr_rslt, rslt)) + return 1; + use_keyenvoy = 1; + } + return key_call_keyenvoy (proc, xdr_arg, arg, xdr_rslt, rslt); +} |