diff options
| author | Lexi Winter <ivy@FreeBSD.org> | 2025-08-15 16:56:46 +0100 |
|---|---|---|
| committer | Lexi Winter <ivy@FreeBSD.org> | 2025-08-15 17:59:18 +0100 |
| commit | 837b13af68bde317414f6c0ce295df66308cc31b (patch) | |
| tree | b82cf85cda9273434360511c0c15cd5c2d4c1a8b /include | |
| parent | 429152cb04e4efdb37437fb2b76fbcfd1ad043ab (diff) | |
Revert "Remove Secure RPC DES authentication"
This reverts commit 7ac276298b72982189ac1a5b17461936dc00163e.
Requested by: kib
Diffstat (limited to 'include')
| -rw-r--r-- | include/rpc/auth_des.h | 79 |
1 files changed, 78 insertions, 1 deletions
diff --git a/include/rpc/auth_des.h b/include/rpc/auth_des.h index 1b4943a74b8b..0ff43c13139b 100644 --- a/include/rpc/auth_des.h +++ b/include/rpc/auth_des.h @@ -33,14 +33,91 @@ * Copyright (c) 1986 - 1991 by Sun Microsystems, Inc. */ -/* Note, RPC DES authentication was removed in FreeBSD 15.0. */ +/* + * auth_des.h, Protocol for DES style authentication for RPC + */ #ifndef _AUTH_DES_ #define _AUTH_DES_ +/* + * There are two kinds of "names": fullnames and nicknames + */ +enum authdes_namekind { + ADN_FULLNAME, + ADN_NICKNAME +}; + +/* + * A fullname contains the network name of the client, + * a conversation key and the window + */ +struct authdes_fullname { + char *name; /* network name of client, up to MAXNETNAMELEN */ + des_block key; /* conversation key */ + u_long window; /* associated window */ +}; + + +/* + * A credential + */ +struct authdes_cred { + enum authdes_namekind adc_namekind; + struct authdes_fullname adc_fullname; + u_long adc_nickname; +}; + + + +/* + * A des authentication verifier + */ +struct authdes_verf { + union { + struct timeval adv_ctime; /* clear time */ + des_block adv_xtime; /* crypt time */ + } adv_time_u; + u_long adv_int_u; +}; + +/* + * des authentication verifier: client variety + * + * adv_timestamp is the current time. + * adv_winverf is the credential window + 1. + * Both are encrypted using the conversation key. + */ +#define adv_timestamp adv_time_u.adv_ctime +#define adv_xtimestamp adv_time_u.adv_xtime +#define adv_winverf adv_int_u + +/* + * des authentication verifier: server variety + * + * adv_timeverf is the client's timestamp + client's window + * adv_nickname is the server's nickname for the client. + * adv_timeverf is encrypted using the conversation key. + */ +#define adv_timeverf adv_time_u.adv_ctime +#define adv_xtimeverf adv_time_u.adv_xtime +#define adv_nickname adv_int_u + +/* + * Map a des credential into a unix cred. + * + */ +__BEGIN_DECLS +extern int authdes_getucred( struct authdes_cred *, uid_t *, gid_t *, int *, gid_t * ); +__END_DECLS + __BEGIN_DECLS +extern bool_t xdr_authdes_cred(XDR *, struct authdes_cred *); +extern bool_t xdr_authdes_verf(XDR *, struct authdes_verf *); extern int rtime(dev_t, struct netbuf *, int, struct timeval *, struct timeval *); +extern void kgetnetname(char *); +extern enum auth_stat _svcauth_des(struct svc_req *, struct rpc_msg *); __END_DECLS #endif /* ndef _AUTH_DES_ */ |