Date: Fri, 19 Dec 2025 09:19:05 +0000 From: Olivier Certner <olce@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: ede3009e4569 - stable/14 - sys/rpc: UNIX auth: Rename 'ngroups' => 'supp_ngroups' for clarity Message-ID: <69451889.3de7c.7fa701f1@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch stable/14 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=ede3009e4569b79055643b8fd65b4165092e8517 commit ede3009e4569b79055643b8fd65b4165092e8517 Author: Olivier Certner <olce@FreeBSD.org> AuthorDate: 2025-10-07 10:03:07 +0000 Commit: Olivier Certner <olce@FreeBSD.org> CommitDate: 2025-12-19 09:16:43 +0000 sys/rpc: UNIX auth: Rename 'ngroups' => 'supp_ngroups' for clarity MFC after: 2 days Sponsored by: The FreeBSD Foundation (cherry picked from commit bda3b61512b2597d4c77d2b9c9074b844dec0405) Two minor conflicts, due to missing comments added in commit be1f7435ef21 ("kern: start tracking cr_gid outside of cr_groups[]") which will not be MFCed, were solved by adding these comments. --- sys/rpc/authunix_prot.c | 21 +++++++++++++-------- sys/rpc/svc_auth_unix.c | 21 +++++++++++++-------- 2 files changed, 26 insertions(+), 16 deletions(-) diff --git a/sys/rpc/authunix_prot.c b/sys/rpc/authunix_prot.c index 8c10de166f2f..42822a5d01c6 100644 --- a/sys/rpc/authunix_prot.c +++ b/sys/rpc/authunix_prot.c @@ -64,7 +64,7 @@ bool_t xdr_authunix_parms(XDR *xdrs, uint32_t *time, struct xucred *cred) { uint32_t namelen; - uint32_t ngroups, i; + uint32_t supp_ngroups, i; uint32_t junk; char hostbuf[MAXHOSTNAMELEN]; @@ -101,14 +101,19 @@ xdr_authunix_parms(XDR *xdrs, uint32_t *time, struct xucred *cred) return (FALSE); if (xdrs->x_op == XDR_ENCODE) { - ngroups = cred->cr_ngroups - 1; - if (ngroups > NGRPS) - ngroups = NGRPS; + /* + * Note that this is a `struct xucred`, which maintains its + * historical layout of preserving the egid in cr_ngroups and + * cr_groups[0] == egid. + */ + supp_ngroups = cred->cr_ngroups - 1; + if (supp_ngroups > NGRPS) + supp_ngroups = NGRPS; } - if (!xdr_uint32_t(xdrs, &ngroups)) + if (!xdr_uint32_t(xdrs, &supp_ngroups)) return (FALSE); - for (i = 0; i < ngroups; i++) { + for (i = 0; i < supp_ngroups; i++) { if (i < ngroups_max) { if (!xdr_uint32_t(xdrs, &cred->cr_groups[i + 1])) return (FALSE); @@ -119,10 +124,10 @@ xdr_authunix_parms(XDR *xdrs, uint32_t *time, struct xucred *cred) } if (xdrs->x_op == XDR_DECODE) { - if (ngroups > ngroups_max) + if (supp_ngroups > ngroups_max) cred->cr_ngroups = ngroups_max + 1; else - cred->cr_ngroups = ngroups + 1; + cred->cr_ngroups = supp_ngroups + 1; } return (TRUE); diff --git a/sys/rpc/svc_auth_unix.c b/sys/rpc/svc_auth_unix.c index cc8354d93281..c821b7901ea6 100644 --- a/sys/rpc/svc_auth_unix.c +++ b/sys/rpc/svc_auth_unix.c @@ -69,7 +69,7 @@ _svcauth_unix(struct svc_req *rqst, struct rpc_msg *msg) uint32_t time; struct xucred *xcr; u_int auth_len; - size_t str_len, gid_len; + size_t str_len, supp_ngroups; u_int i; xcr = rqst->rq_clntcred; @@ -88,29 +88,34 @@ _svcauth_unix(struct svc_req *rqst, struct rpc_msg *msg) buf += str_len / sizeof (int32_t); xcr->cr_uid = IXDR_GET_UINT32(buf); xcr->cr_gid = IXDR_GET_UINT32(buf); - gid_len = (size_t)IXDR_GET_UINT32(buf); - if (gid_len > NGRPS) { + supp_ngroups = (size_t)IXDR_GET_UINT32(buf); + if (supp_ngroups > NGRPS) { stat = AUTH_BADCRED; goto done; } - for (i = 0; i < gid_len; i++) { + for (i = 0; i < supp_ngroups; i++) { + /* + * Note that this is a `struct xucred`, which maintains + * its historical layout of preserving the egid in + * cr_ngroups and cr_groups[0] == egid. + */ if (i + 1 < XU_NGROUPS) xcr->cr_groups[i + 1] = IXDR_GET_INT32(buf); else buf++; } - if (gid_len + 1 > XU_NGROUPS) + if (supp_ngroups + 1 > XU_NGROUPS) xcr->cr_ngroups = XU_NGROUPS; else - xcr->cr_ngroups = gid_len + 1; + xcr->cr_ngroups = supp_ngroups + 1; /* * five is the smallest unix credentials structure - * timestamp, hostname len (0), uid, gid, and gids len (0). */ - if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len) { + if ((5 + supp_ngroups) * BYTES_PER_XDR_UNIT + str_len > auth_len) { (void) printf("bad auth_len gid %ld str %ld auth %u\n", - (long)gid_len, (long)str_len, auth_len); + (long)supp_ngroups, (long)str_len, auth_len); stat = AUTH_BADCRED; goto done; }help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69451889.3de7c.7fa701f1>