/**
* Decodes -- that is: deserializes -- an ONC/RPC authentication object (credential &
* verifier) on the server side.
*
* @param xdr An XDR decoding stream
* @throws OncRpcException if an ONC/RPC error occurs.
* @throws IOException if an I/O error occurs.
*/
public final void xdrDecodeCredVerf(XdrDecodingStream xdr) throws OncRpcException, IOException {
//
// Reset some part of the object's state...
//
shorthandVerf = null;
//
// Now pull off the object state of the XDR stream...
//
int realLen = xdr.xdrDecodeInt();
stamp = xdr.xdrDecodeInt();
machinename = xdr.xdrDecodeString();
uid = xdr.xdrDecodeInt();
gid = xdr.xdrDecodeInt();
gids = xdr.xdrDecodeIntVector();
//
// Make sure that the indicated length of the opaque data is kosher.
// If not, throw an exception, as there is something strange going on!
//
int len =
4 // length of stamp
+ ((machinename.length() + 7) & ~3) // len string incl. len
+ 4 // length of uid
+ 4 // length of gid
+ (gids.length * 4)
+ 4 // length of vector of gids incl. len
;
if (realLen != len) {
if (realLen < len) {
throw (new OncRpcException(OncRpcException.RPC_BUFFERUNDERFLOW));
} else {
throw (new OncRpcException(OncRpcException.RPC_AUTHERROR));
}
}
//
// We also need to decode the verifier. This must be of type
// AUTH_NONE too. For some obscure historical reasons, we have to
// deal with credentials and verifiers, although they belong together,
// according to Sun's specification.
//
if ((xdr.xdrDecodeInt() != OncRpcAuthType.ONCRPC_AUTH_NONE) || (xdr.xdrDecodeInt() != 0)) {
throw (new OncRpcAuthenticationException(OncRpcAuthStatus.ONCRPC_AUTH_BADVERF));
}
}
