diff options
-rw-r--r-- | include/rpc/auth.h | 3 | ||||
-rw-r--r-- | lib/libc/rpc/Makefile.inc | 3 | ||||
-rw-r--r-- | lib/libc/rpc/auth_unix.c | 19 | ||||
-rw-r--r-- | lib/libc/rpc/rpcauth.3 | 13 |
4 files changed, 34 insertions, 4 deletions
diff --git a/include/rpc/auth.h b/include/rpc/auth.h index 77d6b77503f..091f3f8f951 100644 --- a/include/rpc/auth.h +++ b/include/rpc/auth.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.5 2004/01/22 21:48:02 espie Exp $ */ +/* $OpenBSD: auth.h,v 1.6 2006/11/10 17:29:31 grunk Exp $ */ /* $NetBSD: auth.h,v 1.7 1995/04/29 05:27:55 cgd Exp $ */ /* @@ -174,6 +174,7 @@ extern AUTH *authunix_create_default(void); extern AUTH *authnone_create(void); extern AUTH *authdes_create(char *, unsigned int, struct sockaddr_in *, des_block *); +extern void set_rpc_maxgrouplist(int); __END_DECLS #define AUTH_NONE 0 /* no authentication */ diff --git a/lib/libc/rpc/Makefile.inc b/lib/libc/rpc/Makefile.inc index 9cdcc5c7845..ad272841ab5 100644 --- a/lib/libc/rpc/Makefile.inc +++ b/lib/libc/rpc/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.12 2003/12/31 03:27:23 millert Exp $ +# $OpenBSD: Makefile.inc,v 1.13 2006/11/10 17:29:31 grunk Exp $ # librpc sources .PATH: ${LIBCSRCDIR}/arch/${MACHINE}/rpc ${LIBCSRCDIR}/rpc @@ -22,6 +22,7 @@ MLINKS+= bindresvport.3 bindresvport_sa.3 \ rpcauth.3 authnone_create.3 \ rpcauth.3 authunix_create.3 \ rpcauth.3 authunix_create_default.3 \ + rpcauth.3 set_rpc_maxgrouplist.3 \ rpc.3 callrpc.3 \ rpc.3 clnt_broadcast.3 \ rpc.3 clnt_call.3 \ diff --git a/lib/libc/rpc/auth_unix.c b/lib/libc/rpc/auth_unix.c index e4044fe18a9..8d8080d5b77 100644 --- a/lib/libc/rpc/auth_unix.c +++ b/lib/libc/rpc/auth_unix.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth_unix.c,v 1.19 2005/08/08 08:05:35 espie Exp $ */ +/* $OpenBSD: auth_unix.c,v 1.20 2006/11/10 17:29:31 grunk Exp $ */ /* * Sun RPC is a product of Sun Microsystems, Inc. and is provided for * unrestricted use provided that this legend is included on all tape @@ -160,6 +160,21 @@ authunix_create(char *machname, int uid, int gid, int len, int *aup_gids) return (auth); } + +/* + * Some servers will refuse mounts if the group list is larger + * than it expects (like 8). This allows the application to set + * the maximum size of the group list that will be sent. + */ +static int maxgrplist = NGRPS; + +void +set_rpc_maxgrouplist(int num) +{ + if (num < NGRPS) + maxgrplist = num; +} + /* * Returns an auth handle with parameters determined by doing lots of * syscalls. @@ -181,6 +196,8 @@ authunix_create_default(void) gid = getegid(); if ((len = getgroups(NGRPS, gids)) < 0) return (NULL); + if (len > maxgrplist) + len = maxgrplist; for (i = 0; i < len; i++) gids2[i] = gids[i]; return (authunix_create(machname, uid, gid, len, gids2)); diff --git a/lib/libc/rpc/rpcauth.3 b/lib/libc/rpc/rpcauth.3 index cd61a25932c..a26fb2372b8 100644 --- a/lib/libc/rpc/rpcauth.3 +++ b/lib/libc/rpc/rpcauth.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: rpcauth.3,v 1.11 2003/08/08 09:26:02 jmc Exp $ +.\" $OpenBSD: rpcauth.3,v 1.12 2006/11/10 17:29:31 grunk Exp $ .\" Mostly converted to mandoc by Theo de Raadt, Tue Feb 24 04:04:46 MST 1998 .\" .\" Sun RPC is a product of Sun Microsystems, Inc. and is provided for @@ -47,6 +47,8 @@ .Fn authunix_create "char *host" "int uid" "int gid" "int len" "int *aup.gids" .Ft AUTH * .Fn authunix_create_default "void" +.Ft void +.Fn set_rpc_maxgrouplist "int num" .Sh DESCRIPTION These routines establish authentication information for use by the RPC functions described in @@ -93,6 +95,15 @@ It is easy to impersonate a user. calls .Fn authunix_create with the appropriate parameters. +.Pp +.Fn set_rpc_maxgrouplist +allows the application to set the maximum size of the group list that +will be used in +.Fn authunix_create_default +to +.Fa num . +Some servers will refuse mounts if the group list is larger than it +expects (like 8). .Sh SEE ALSO .\"Xr rpc_secure 3 , .Xr rpcgen 1 , |