LU-9679 general: add missing spaces to folded strings.
[fs/lustre-release.git] / lustre / utils / gss / svcgssd_proc.c
index 8b97498..f2e94fc 100644 (file)
@@ -1,39 +1,36 @@
 /*
 /*
-  svc_in_gssd_proc.c
-
-  Copyright (c) 2000 The Regents of the University of Michigan.
-  All rights reserved.
-
-  Copyright (c) 2002 Bruce Fields <bfields@UMICH.EDU>
-
-  Copyright (c) 2014, Intel Corporation.
-
-  Redistribution and use in source and binary forms, with or without
-  modification, are permitted provided that the following conditions
-  are met:
-
-  1. Redistributions of source code must retain the above copyright
-     notice, this list of conditions and the following disclaimer.
-  2. Redistributions in binary form must reproduce the above copyright
-     notice, this list of conditions and the following disclaimer in the
-     documentation and/or other materials provided with the distribution.
-  3. Neither the name of the University nor the names of its
-     contributors may be used to endorse or promote products derived
-     from this software without specific prior written permission.
-
-  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-  DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
-  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
-  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-*/
+ * svc_in_gssd_proc.c
+ *
+ * Copyright (c) 2000 The Regents of the University of Michigan.
+ * All rights reserved.
+ *
+ * Copyright (c) 2002 Bruce Fields <bfields@UMICH.EDU>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
 
 #include <sys/param.h>
 #include <sys/stat.h>
 
 #include <sys/param.h>
 #include <sys/stat.h>
@@ -51,7 +48,6 @@
 #endif
 
 #include <stdbool.h>
 #endif
 
 #include <stdbool.h>
-#include <lnet/nidstr.h>
 
 #include "svcgssd.h"
 #include "gss_util.h"
 
 #include "svcgssd.h"
 #include "gss_util.h"
@@ -61,7 +57,6 @@
 #include "lsupport.h"
 #include "gss_oids.h"
 #include "sk_utils.h"
 #include "lsupport.h"
 #include "gss_oids.h"
 #include "sk_utils.h"
-#include <lustre/lustre_idl.h>
 
 #define SVCGSSD_CONTEXT_CHANNEL "/proc/net/rpc/auth.sptlrpc.context/channel"
 #define SVCGSSD_INIT_CHANNEL    "/proc/net/rpc/auth.sptlrpc.init/channel"
 
 #define SVCGSSD_CONTEXT_CHANNEL "/proc/net/rpc/auth.sptlrpc.context/channel"
 #define SVCGSSD_INIT_CHANNEL    "/proc/net/rpc/auth.sptlrpc.init/channel"
@@ -118,7 +113,7 @@ do_svc_downcall(gss_buffer_desc *out_handle, struct svc_cred *cred,
        }
        qword_printhex(f, out_handle->value, out_handle->length);
        /* XXX are types OK for the rest of this? */
        }
        qword_printhex(f, out_handle->value, out_handle->length);
        /* XXX are types OK for the rest of this? */
-       qword_printint(f, 3600); /* an hour should be sufficient */
+       qword_printint(f, time(NULL) + 3600);   /* 1 hour should be ok */
        qword_printint(f, cred->cr_remote);
        qword_printint(f, cred->cr_usr_root);
        qword_printint(f, cred->cr_usr_mds);
        qword_printint(f, cred->cr_remote);
        qword_printint(f, cred->cr_usr_root);
        qword_printint(f, cred->cr_usr_mds);
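Review bot: The expiry written in `do_svc_downcall` is now `time(NULL) + 3600`, a `time_t`, but `qword_printint`'s parameter type is not visible here; if it takes an `int`, the value is silently narrowed where `time_t` is 64-bit, which is what the existing `XXX are types OK` comment hints at. The same expression is passed to `qword_addint` in the `send_response` hunk. The lifetime is a fixed hour measured from the wall clock and, as far as these lines show, is not derived from the negotiated context, so the comment should say so, for example `/* absolute expiry, seconds since epoch; fixed 1h, not tied to the credential lifetime */`. Both functions start and end outside their hunks.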
@@ -157,7 +152,7 @@ send_response(FILE *f, gss_buffer_desc *in_handle, gss_buffer_desc *in_token,
        printerr(2, "sending reply\n");
        qword_addhex(&bp, &blen, in_handle->value, in_handle->length);
        qword_addhex(&bp, &blen, in_token->value, in_token->length);
        printerr(2, "sending reply\n");
        qword_addhex(&bp, &blen, in_handle->value, in_handle->length);
        qword_addhex(&bp, &blen, in_token->value, in_token->length);
-       qword_addint(&bp, &blen, 3600); /* an hour should be sufficient */
+       qword_addint(&bp, &blen, time(NULL) + 3600);   /* 1 hour should be ok */
        qword_adduint(&bp, &blen, maj_stat);
        qword_adduint(&bp, &blen, min_stat);
        qword_addhex(&bp, &blen, out_handle->value, out_handle->length);
        qword_adduint(&bp, &blen, maj_stat);
        qword_adduint(&bp, &blen, min_stat);
        qword_addhex(&bp, &blen, out_handle->value, out_handle->length);
@@ -232,17 +227,17 @@ get_ids(gss_name_t client_name, gss_OID mech, struct svc_cred *cred,
        else
                cred->cr_mapped_uid = -1;
 
        else
                cred->cr_mapped_uid = -1;
 
-        realm = strchr(sname, '@');
+       realm = strchr(sname, '@');
        if (realm) {
        if (realm) {
-                *realm++ = '\0';
+               *realm++ = '\0';
        } else {
                printerr(0, "ERROR: %s has no realm name\n", sname);
                goto out_free;
        }
 
        } else {
                printerr(0, "ERROR: %s has no realm name\n", sname);
                goto out_free;
        }
 
-        host = strchr(sname, '/');
-        if (host)
-                *host++ = '\0';
+       host = strchr(sname, '/');
+       if (host)
+               *host++ = '\0';
 
        if (strcmp(sname, GSSD_SERVICE_MGS) == 0) {
                printerr(0, "forbid %s as a user name\n", sname);
 
        if (strcmp(sname, GSSD_SERVICE_MGS) == 0) {
                printerr(0, "forbid %s as a user name\n", sname);
@@ -348,8 +343,8 @@ out_free:
                printerr(1, "%s: authenticated %s%s%s@%s from %016llx\n",
                         lustre_svc_name[lustre_svc], sname,
                         host ? "/" : "", host ? host : "", realm, nid);
                printerr(1, "%s: authenticated %s%s%s@%s from %016llx\n",
                         lustre_svc_name[lustre_svc], sname,
                         host ? "/" : "", host ? host : "", realm, nid);
-        free(sname);
-        return res;
+       free(sname);
+       return res;
 }
 
 typedef struct gss_union_ctx_id_t {
 }
 
 typedef struct gss_union_ctx_id_t {
@@ -415,6 +410,22 @@ int handle_sk(struct svc_nego_data *snd)
                goto cleanup_buffers;
        }
 
                goto cleanup_buffers;
        }
 
+       /* Verify that the peer has used a prime size greater or equal to
+        * the size specified in the key file which may contain only zero
+        * fill but the size specifies the mimimum supported size on
+        * servers */
+       if (skc->sc_flags & LGSS_SVC_PRIV &&
+           bufs[SK_INIT_P].length < skc->sc_p.length) {
+               printerr(0, "Peer DHKE prime does not meet the size required "
+                        "by keyfile: %zd bits\n", skc->sc_p.length * 8);
+               goto cleanup_buffers;
+       }
+
+       /* Throw out the p from the server and use the wire data */
+       free(skc->sc_p.value);
+       skc->sc_p.value = NULL;
+       skc->sc_p.length = 0;
+
        /* Take control of all the allocated buffers from decoding */
        if (bufs[SK_INIT_RANDOM].length !=
            sizeof(skc->sc_kctx.skc_peer_random)) {
        /* Take control of all the allocated buffers from decoding */
        if (bufs[SK_INIT_RANDOM].length !=
            sizeof(skc->sc_kctx.skc_peer_random)) {
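Review bot: The new size check in `handle_sk` compares byte lengths only (`bufs[SK_INIT_P].length < skc->sc_p.length`), so a peer value padded with leading zero bytes would pass while carrying a shorter prime; comparing the significant bit length of the decoded value would be the stricter test. The check is skipped unless `LGSS_SVC_PRIV` is set, and right after it the server's own `sc_p` is freed in favour of the wire value, so nothing in this hunk validates the peer's prime beyond its length. The later HMAC check and `sk_gen_params` presumably cover that, but both are outside the hunk, and a comment naming where the prime is validated would help the next reader. Two smaller points: `skc->sc_p.length * 8` looks like a `size_t`, for which `%zu` is the matching conversion rather than `%zd`, and the new comment misspells "minimum" as `mimimum`.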
@@ -429,15 +440,6 @@ int handle_sk(struct svc_nego_data *snd)
        skc->sc_nodemap_hash = bufs[SK_INIT_NODEMAP];
        skc->sc_hmac = bufs[SK_INIT_HMAC];
 
        skc->sc_nodemap_hash = bufs[SK_INIT_NODEMAP];
        skc->sc_hmac = bufs[SK_INIT_HMAC];
 
-       /* Verify that the peer has used a key size greater to or equal
-        * the size specified by the key file */
-       if (skc->sc_flags & LGSS_SVC_PRIV &&
-           skc->sc_p.length < skc->sc_session_keylen) {
-               printerr(0, "Peer DH parameters do not meet the size required "
-                        "by keyfile\n");
-               goto cleanup_partial;
-       }
-
        /* Verify HMAC from peer.  Ideally this would happen before anything
         * else but we don't have enough information to lookup key without the
         * token (fsname and cluster_hash) so it's done after. */
        /* Verify HMAC from peer.  Ideally this would happen before anything
         * else but we don't have enough information to lookup key without the
         * token (fsname and cluster_hash) so it's done after. */
@@ -456,7 +458,7 @@ int handle_sk(struct svc_nego_data *snd)
                goto cleanup_partial;
        }
 
                goto cleanup_partial;
        }
 
-       rc = sk_gen_params(skc, false);
+       rc = sk_gen_params(skc);
        if (rc != GSS_S_COMPLETE) {
                printerr(0, "Failed to generate DH params for responder\n");
                goto cleanup_partial;
        if (rc != GSS_S_COMPLETE) {
                printerr(0, "Failed to generate DH params for responder\n");
                goto cleanup_partial;
@@ -739,32 +741,49 @@ int handle_channel_request(FILE *f)
        switch (lustre_mech) {
        case LGSS_MECH_KRB5:
                if (!krb_enabled) {
        switch (lustre_mech) {
        case LGSS_MECH_KRB5:
                if (!krb_enabled) {
-                       printerr(1, "WARNING: Request for kerberos but service "
-                                "support not enabled\n");
+                       static time_t next_krb;
+
+                       if (time(NULL) > next_krb) {
+                               printerr(1, "warning: Request for kerberos but "
+                                        "service support not enabled\n");
+                               next_krb = time(NULL) + 3600;
+                       }
                        goto ignore;
                }
                snd.mech = &krb5oid;
                break;
        case LGSS_MECH_NULL:
                if (!null_enabled) {
                        goto ignore;
                }
                snd.mech = &krb5oid;
                break;
        case LGSS_MECH_NULL:
                if (!null_enabled) {
-                       printerr(1, "WARNING: Request for gssnull but service "
-                                "support not enabled\n");
+                       static time_t next_null;
+
+                       if (time(NULL) > next_null) {
+                               printerr(1, "warning: Request for gssnull but "
+                                        "service support not enabled\n");
+                               next_null = time(NULL) + 3600;
+                       }
                        goto ignore;
                }
                snd.mech = &nulloid;
                break;
        case LGSS_MECH_SK:
                        goto ignore;
                }
                snd.mech = &nulloid;
                break;
        case LGSS_MECH_SK:
-#ifdef HAVE_OPENSSL_SSK
                if (!sk_enabled) {
                if (!sk_enabled) {
-                       printerr(1, "WARNING: Request for sk but service "
-                                "support not enabled\n");
+                       static time_t next_ssk;
+
+                       if (time(NULL) > next_ssk) {
+                               printerr(1, "warning: Request for SSK but "
+                                        "service support not %s\n",
+#ifdef HAVE_OPENSSL_SSK
+                                        "enabled"
+#else
+                                        "included"
+#endif
+                                       );
+                               next_ssk = time(NULL) + 3600;
+                       }
+
                        goto ignore;
                }
                snd.mech = &skoid;
                        goto ignore;
                }
                snd.mech = &skoid;
-#else
-               printerr(1, "ERROR: Request for sk but service "
-                        "support not enabled\n");
-#endif
                break;
        default:
                printerr(0, "WARNING: invalid mechanism recevied: %d\n",
                break;
        default:
                printerr(0, "WARNING: invalid mechanism recevied: %d\n",
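Review bot: In the `LGSS_MECH_SK` case the `#ifdef HAVE_OPENSSL_SSK` now selects only the message text, so a build without SSK reaches `snd.mech = &skoid` whenever `sk_enabled` is true. It is worth confirming outside this hunk that `sk_enabled` cannot be set in such a build, or keeping an unconditional `goto ignore` under `#ifndef HAVE_OPENSSL_SSK`. The three rate limiters repeat the same `static time_t` pattern, read the wall clock (a backward clock step mutes the warning for longer than an hour), and drop every request in between without a count, which removes the signal an operator would use to spot a burst of unsupported-mechanism requests. A small helper that counts suppressed messages and prints the count with the next warning keeps that signal; a sketch for the Kerberos case follows, and the other two cases would use it the same way. `handle_channel_request` starts and ends outside the hunk.

```c
/* Returns true at most once per hour; *suppressed counts the calls skipped in between. */
static bool warn_ratelimit(time_t *next, unsigned int *suppressed)
{
	time_t now = time(NULL);

	if (now <= *next) {
		(*suppressed)++;
		return false;
	}
	*next = now + 3600;
	return true;
}

	/* … unchanged: switch (lustre_mech) … */
	case LGSS_MECH_KRB5:
		if (!krb_enabled) {
			static time_t next_krb;
			static unsigned int skipped_krb;

			if (warn_ratelimit(&next_krb, &skipped_krb)) {
				printerr(1, "warning: Request for kerberos but "
					 "service support not enabled "
					 "(%u similar requests suppressed)\n",
					 skipped_krb);
				skipped_krb = 0;
			}
			goto ignore;
		}
	/* … unchanged: LGSS_MECH_NULL and LGSS_MECH_SK cases … */
```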
@@ -817,8 +836,9 @@ int handle_channel_request(FILE *f)
        else if (lustre_mech == LGSS_MECH_NULL)
                rc = handle_null(&snd);
        else
        else if (lustre_mech == LGSS_MECH_NULL)
                rc = handle_null(&snd);
        else
-               printerr(0, "WARNING: Received or request for"
-                        "subflavor that is not enabled: %d\n", lustre_mech);
+               printerr(0,
+                        "WARNING: Received or request for subflavor that is not enabled: %d\n",
+                        lustre_mech);
 
 out_err:
        /* Failures send a null token */
 
 out_err:
        /* Failures send a null token */