summaryrefslogtreecommitdiff
path: root/sys/nfs/nfs_syscalls.c
diff options
context:
space:
mode:
authorThordur I. Bjornsson <thib@cvs.openbsd.org>2007-10-14 19:34:42 +0000
committerThordur I. Bjornsson <thib@cvs.openbsd.org>2007-10-14 19:34:42 +0000
commit6c4407c9199d9486965a2b76e6612a57a452641f (patch)
treee417bffc02b4893d1edec585f70e174f2bd99a8b /sys/nfs/nfs_syscalls.c
parentb823d3d24c75a481e5f13352b4cfd55035df536b (diff)
Remove now unused functions dealing with kerberos
authentication. ok beck@
Diffstat (limited to 'sys/nfs/nfs_syscalls.c')
-rw-r--r--sys/nfs/nfs_syscalls.c193
1 files changed, 1 insertions, 192 deletions
diff --git a/sys/nfs/nfs_syscalls.c b/sys/nfs/nfs_syscalls.c
index 9d0fa67f685..06237958aad 100644
--- a/sys/nfs/nfs_syscalls.c
+++ b/sys/nfs/nfs_syscalls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: nfs_syscalls.c,v 1.56 2007/09/20 12:54:31 thib Exp $ */
+/* $OpenBSD: nfs_syscalls.c,v 1.57 2007/10/14 19:34:41 thib Exp $ */
/* $NetBSD: nfs_syscalls.c,v 1.19 1996/02/18 11:53:52 fvdl Exp $ */
/*
@@ -803,195 +803,4 @@ nfs_getset_niothreads(set)
nfs_niothreads = have;
}
}
-
-/*
- * Get an authorization string for the uid by having the mount_nfs sitting
- * on this mount point porpoise out of the kernel and do it.
- */
-int
-nfs_getauth(nmp, rep, cred, auth_str, auth_len, verf_str, verf_len, key)
- struct nfsmount *nmp;
- struct nfsreq *rep;
- struct ucred *cred;
- char **auth_str;
- int *auth_len;
- char *verf_str;
- int *verf_len;
- NFSKERBKEY_T key; /* return session key */
-{
- int error = 0;
-
- while ((nmp->nm_flag & NFSMNT_WAITAUTH) == 0) {
- nmp->nm_flag |= NFSMNT_WANTAUTH;
- (void) tsleep((caddr_t)&nmp->nm_authtype, PSOCK,
- "nfsauth1", 2 * hz);
- error = nfs_sigintr(nmp, rep, rep->r_procp);
- if (error) {
- nmp->nm_flag &= ~NFSMNT_WANTAUTH;
- return (error);
- }
- }
- nmp->nm_flag &= ~(NFSMNT_WAITAUTH | NFSMNT_WANTAUTH);
- nmp->nm_authstr = *auth_str = (char *)malloc(RPCAUTH_MAXSIZ, M_TEMP, M_WAITOK);
- nmp->nm_authlen = RPCAUTH_MAXSIZ;
- nmp->nm_verfstr = verf_str;
- nmp->nm_verflen = *verf_len;
- nmp->nm_authuid = cred->cr_uid;
- wakeup((caddr_t)&nmp->nm_authstr);
-
- /*
- * And wait for mount_nfs to do its stuff.
- */
- while ((nmp->nm_flag & NFSMNT_HASAUTH) == 0 && error == 0) {
- (void) tsleep((caddr_t)&nmp->nm_authlen, PSOCK,
- "nfsauth2", 2 * hz);
- error = nfs_sigintr(nmp, rep, rep->r_procp);
- }
- if (nmp->nm_flag & NFSMNT_AUTHERR) {
- nmp->nm_flag &= ~NFSMNT_AUTHERR;
- error = EAUTH;
- }
- if (error)
- free((caddr_t)*auth_str, M_TEMP);
- else {
- *auth_len = nmp->nm_authlen;
- *verf_len = nmp->nm_verflen;
- bcopy((caddr_t)nmp->nm_key, (caddr_t)key, sizeof (NFSKERBKEY_T));
- }
- nmp->nm_flag &= ~NFSMNT_HASAUTH;
- nmp->nm_flag |= NFSMNT_WAITAUTH;
- if (nmp->nm_flag & NFSMNT_WANTAUTH) {
- nmp->nm_flag &= ~NFSMNT_WANTAUTH;
- wakeup((caddr_t)&nmp->nm_authtype);
- }
- return (error);
-}
-
-/*
- * Get a nickname authenticator and verifier.
- */
-int
-nfs_getnickauth(nmp, cred, auth_str, auth_len, verf_str, verf_len)
- struct nfsmount *nmp;
- struct ucred *cred;
- char **auth_str;
- int *auth_len;
- char *verf_str;
- int verf_len;
-{
- struct nfsuid *nuidp;
- u_int32_t *nickp, *verfp;
- struct timeval ktvin, ktvout;
- struct timeval tv;
-
-#ifdef DIAGNOSTIC
- if (verf_len < (4 * NFSX_UNSIGNED))
- panic("nfs_getnickauth verf too small");
-#endif
- LIST_FOREACH(nuidp, NMUIDHASH(nmp, cred->cr_uid), nu_hash) {
- if (nuidp->nu_cr.cr_uid == cred->cr_uid)
- break;
- }
- if (!nuidp || nuidp->nu_expire < time_second)
- return (EACCES);
-
- /*
- * Move to the end of the lru list (end of lru == most recently used).
- */
- TAILQ_REMOVE(&nmp->nm_uidlruhead, nuidp, nu_lru);
- TAILQ_INSERT_TAIL(&nmp->nm_uidlruhead, nuidp, nu_lru);
-
- nickp = (u_int32_t *)malloc(2 * NFSX_UNSIGNED, M_TEMP, M_WAITOK);
- *nickp++ = txdr_unsigned(RPCAKN_NICKNAME);
- *nickp = txdr_unsigned(nuidp->nu_nickname);
- *auth_str = (char *)nickp;
- *auth_len = 2 * NFSX_UNSIGNED;
-
- /*
- * Now we must encrypt the verifier and package it up.
- */
- verfp = (u_int32_t *)verf_str;
- *verfp++ = txdr_unsigned(RPCAKN_NICKNAME);
- getmicrotime(&tv);
- if (tv.tv_sec > nuidp->nu_timestamp.tv_sec ||
- (tv.tv_sec == nuidp->nu_timestamp.tv_sec &&
- tv.tv_usec > nuidp->nu_timestamp.tv_usec))
- nuidp->nu_timestamp = tv;
- else
- nuidp->nu_timestamp.tv_usec++;
- ktvin.tv_sec = txdr_unsigned(nuidp->nu_timestamp.tv_sec);
- ktvin.tv_usec = txdr_unsigned(nuidp->nu_timestamp.tv_usec);
-
- *verfp++ = ktvout.tv_sec;
- *verfp++ = ktvout.tv_usec;
- *verfp = 0;
- return (0);
-}
-
-/*
- * Save the current nickname in a hash list entry on the mount point.
- */
-int
-nfs_savenickauth(nmp, cred, len, key, mdp, dposp, mrep)
- struct nfsmount *nmp;
- struct ucred *cred;
- int len;
- NFSKERBKEY_T key;
- struct mbuf **mdp;
- char **dposp;
- struct mbuf *mrep;
-{
- struct nfsuid *nuidp;
- u_int32_t *tl;
- int32_t t1;
- struct mbuf *md = *mdp;
- struct timeval ktvin, ktvout;
- u_int32_t nick;
- char *dpos = *dposp, *cp2;
- int deltasec, error = 0;
-
- if (len == (3 * NFSX_UNSIGNED)) {
- nfsm_dissect(tl, u_int32_t *, 3 * NFSX_UNSIGNED);
- ktvin.tv_sec = *tl++;
- ktvin.tv_usec = *tl++;
- nick = fxdr_unsigned(u_int32_t, *tl);
-
- ktvout.tv_sec = fxdr_unsigned(long, ktvout.tv_sec);
- ktvout.tv_usec = fxdr_unsigned(long, ktvout.tv_usec);
- deltasec = time_second - ktvout.tv_sec;
- if (deltasec < 0)
- deltasec = -deltasec;
- /*
- * If ok, add it to the hash list for the mount point.
- */
- if (deltasec <= NFS_KERBCLOCKSKEW) {
- if (nmp->nm_numuids < nuidhash_max) {
- nmp->nm_numuids++;
- nuidp = (struct nfsuid *)
- malloc(sizeof (struct nfsuid), M_NFSUID,
- M_WAITOK);
- } else {
- nuidp = TAILQ_FIRST(&nmp->nm_uidlruhead);
- LIST_REMOVE(nuidp, nu_hash);
- TAILQ_REMOVE(&nmp->nm_uidlruhead, nuidp,
- nu_lru);
- }
- nuidp->nu_flag = 0;
- nuidp->nu_cr.cr_uid = cred->cr_uid;
- nuidp->nu_expire = time_second + NFS_KERBTTL;
- nuidp->nu_timestamp = ktvout;
- nuidp->nu_nickname = nick;
- bcopy(key, nuidp->nu_key, sizeof (NFSKERBKEY_T));
- TAILQ_INSERT_TAIL(&nmp->nm_uidlruhead, nuidp,
- nu_lru);
- LIST_INSERT_HEAD(NMUIDHASH(nmp, cred->cr_uid),
- nuidp, nu_hash);
- }
- } else
- nfsm_adv(nfsm_rndup(len));
-nfsmout:
- *mdp = md;
- *dposp = dpos;
- return (error);
-}
#endif /* NFSCLIENT */