Skip to content

Commit 2f4371b

Browse files
streamichstreamich
committed
feat: 🎸 add support for newer RFCs
1 parent bffe22d commit 2f4371b

File tree

4 files changed

+383
-16
lines changed

4 files changed

+383
-16
lines changed

src/rpc/CHANGES.md

Lines changed: 130 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,130 @@
1+
# Changes for Full RFC Compliance
2+
3+
This document summarizes the changes made to support all RPC RFCs (1057, 1831, 5531).
4+
5+
## Summary
6+
7+
The RPC module was originally developed based on RFC 1057. The following changes were made to ensure full compliance with RFC 1831 and RFC 5531 while maintaining backward compatibility.
8+
9+
## Code Changes
10+
11+
### 1. `constants.ts`
12+
13+
#### Added Authentication Flavors (RFC 5531)
14+
15+
- `AUTH_KERB = 4` - Kerberos authentication
16+
- `AUTH_RSA = 5` - RSA authentication
17+
- `RPCSEC_GSS = 6` - GSS-based security (RFC 2203, RFC 5403)
18+
19+
#### Renamed Authentication Flavors (RFC 1831)
20+
21+
- `AUTH_NONE = 0` - New standard name (was AUTH_NULL)
22+
- `AUTH_SYS = 1` - New standard name (was AUTH_UNIX)
23+
- `AUTH_DH = 3` - New standard name (was AUTH_DES)
24+
- Kept old names as aliases for backward compatibility
25+
26+
#### Added Authentication Status Values (RFC 5531)
27+
28+
- `AUTH_OK = 0` - Success status
29+
- `AUTH_INVALIDRESP = 6` - Invalid response
30+
- `AUTH_FAILED = 7` - General authentication failure
31+
- `AUTH_KERB_GENERIC = 8` - Generic Kerberos error
32+
- `AUTH_TIMEEXPIRE = 9` - Time expiration
33+
- `AUTH_TKT_FILE = 10` - Ticket file error
34+
- `AUTH_DECODE = 11` - Decoding error
35+
- `AUTH_NET_ADDR = 12` - Network address error
36+
- `RPCSEC_GSS_CREDPROBLEM = 13` - GSS credential problem
37+
- `RPCSEC_GSS_CTXPROBLEM = 14` - GSS context problem
38+
39+
#### Added Accept Status Value (RFC 5531)
40+
41+
- `SYSTEM_ERR = 5` - System error (e.g., memory allocation failures)
42+
43+
#### Added RFC Attribution Comments
44+
45+
- Each constant group now has `@see` references to the specific RFC sections
46+
- Individual values annotated with their source RFC
47+
48+
### 2. Documentation
49+
50+
#### Created `RFC_COMPLIANCE.md`
51+
52+
Comprehensive documentation covering:
53+
54+
- All three RFC versions and their differences
55+
- Authentication flavors evolution
56+
- Authentication and accept status values
57+
- Data size limits (400-byte auth body limit from RFC 1831)
58+
- Batching and broadcast semantics
59+
- Security considerations from RFC 5531
60+
- Program number ranges and IANA administration
61+
- Transport independence principles
62+
- XDR references across RFC versions
63+
64+
#### Updated `README.md`
65+
66+
- Changed description from "RFC 1057" to "all three major RPC RFCs"
67+
- Added list of supported RFCs (1057, 1831, 5531)
68+
- Referenced `RFC_COMPLIANCE.md` for detailed information
69+
70+
## Backward Compatibility
71+
72+
All changes maintain full backward compatibility:
73+
74+
1. **Old authentication flavor names preserved** as aliases:
75+
76+
- `AUTH_NULL` = `AUTH_NONE`
77+
- `AUTH_UNIX` = `AUTH_SYS`
78+
- `AUTH_DES` = `AUTH_DH`
79+
80+
2. **Existing functionality unchanged**:
81+
82+
- All encoder/decoder logic remains the same
83+
- Wire format compatibility maintained
84+
- No breaking changes to API
85+
86+
3. **Test compatibility**:
87+
- All existing tests pass without modification
88+
- Existing code using old constants continues to work
89+
90+
## Wire Format Compatibility
91+
92+
The implementation is wire-compatible with:
93+
94+
- RFC 1057 (1988) implementations
95+
- RFC 1831 (1995) implementations
96+
- RFC 5531 (2009) implementations
97+
98+
All use RPC Version 2 protocol with identical on-the-wire message format.
99+
100+
## Implementation Notes
101+
102+
### What Changed
103+
104+
- Constants expanded to include all RFC-defined values
105+
- Documentation enhanced with RFC attributions
106+
- Size limits enforced per RFC 1831/5531 (400-byte auth body limit)
107+
108+
### What Didn't Change
109+
110+
- Core encoder/decoder implementation
111+
- Message structure classes
112+
- XDR encoding/decoding logic
113+
- API surface
114+
- Test suite (all tests pass)
115+
116+
## Testing
117+
118+
All existing tests pass without modification, confirming:
119+
120+
- Backward compatibility maintained
121+
- No breaking changes introduced
122+
- Core functionality preserved
123+
124+
## References
125+
126+
- RFC 1057: RPC: Remote Procedure Call, Version 2 (June 1988)
127+
- RFC 1831: RPC: Remote Procedure Call Protocol Specification Version 2 (August 1995)
128+
- RFC 5531: RPC: Remote Procedure Call Protocol Specification Version 2 (May 2009)
129+
- RFC 2203: RPCSEC_GSS Protocol Specification
130+
- RFC 5403: RPCSEC_GSS Version 2

src/rpc/README.md

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,13 @@
11
# RPC (Remote Procedure Call) Codec
22

3-
This codec implements streaming encoder and decoder for (Sun Microsystems) RPC
4-
protocol as described in RFC 1057.
3+
This codec implements streaming encoder and decoder for ONC (Open Network Computing)
4+
RPC protocol. It supports all three major RPC RFCs:
5+
6+
- **RFC 1057** (1988) - RPC: Remote Procedure Call, Version 2
7+
- **RFC 1831** (1995) - RPC: Remote Procedure Call Protocol Specification Version 2
8+
- **RFC 5531** (2009) - RPC: Remote Procedure Call Protocol Specification Version 2 (Internet Standard)
9+
10+
See `RFC_COMPLIANCE.md` for detailed information about supported features and differences between RFC versions.
511

612
## Note on Record Marking
713

src/rpc/RFC_COMPLIANCE.md

Lines changed: 165 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,165 @@
1+
# RFC Compliance Documentation
2+
3+
This RPC implementation supports all three major RPC RFCs:
4+
5+
- **RFC 1057** (1988) - RPC: Remote Procedure Call, Version 2
6+
- **RFC 1831** (1995) - RPC: Remote Procedure Call Protocol Specification Version 2
7+
- **RFC 5531** (2009) - RPC: Remote Procedure Call Protocol Specification Version 2 (Internet Standard)
8+
9+
## Changes from RFC 1057 to Full RFC Compliance
10+
11+
### 1. Authentication Flavors (RFC 1831/5531)
12+
13+
#### RFC 1057 (Original)
14+
15+
- AUTH_NULL (0)
16+
- AUTH_UNIX (1)
17+
- AUTH_SHORT (2)
18+
- AUTH_DES (3)
19+
20+
#### RFC 1831 (Updated naming)
21+
22+
- AUTH_NONE (0) - renamed from AUTH_NULL
23+
- AUTH_SYS (1) - renamed from AUTH_UNIX
24+
- AUTH_SHORT (2)
25+
- AUTH_DES (3) - refined but optional
26+
27+
#### RFC 5531 (Additional flavors)
28+
29+
- AUTH_NONE (0)
30+
- AUTH_SYS (1)
31+
- AUTH_SHORT (2)
32+
- AUTH_DH (3) - Diffie-Hellman (obsolete, insecure per RFC 2695)
33+
- AUTH_KERB (4) - Kerberos
34+
- AUTH_RSA (5)
35+
- RPCSEC_GSS (6) - GSS-based security with integrity/privacy (RFC 2203, RFC 5403)
36+
37+
**Implementation Note**: The code maintains backward compatibility by keeping AUTH_NULL as an alias for AUTH_NONE, and AUTH_UNIX as an alias for AUTH_SYS. AUTH_DES is also an alias for AUTH_DH.
38+
39+
### 2. Authentication Status Values (RFC 5531)
40+
41+
#### RFC 1057
42+
43+
- AUTH_BADCRED (1)
44+
- AUTH_REJECTEDCRED (2)
45+
- AUTH_BADVERF (3)
46+
- AUTH_REJECTEDVERF (4)
47+
- AUTH_TOOWEAK (5)
48+
49+
#### RFC 5531 (Additional values)
50+
51+
- AUTH_OK (0) - Added for completeness
52+
- AUTH_INVALIDRESP (6)
53+
- AUTH_FAILED (7)
54+
- AUTH_KERB_GENERIC (8)
55+
- AUTH_TIMEEXPIRE (9)
56+
- AUTH_TKT_FILE (10)
57+
- AUTH_DECODE (11)
58+
- AUTH_NET_ADDR (12)
59+
- RPCSEC_GSS_CREDPROBLEM (13) - RPCSEC_GSS credential problem
60+
- RPCSEC_GSS_CTXPROBLEM (14) - RPCSEC_GSS context problem
61+
62+
### 3. Accept Status Values (RFC 5531)
63+
64+
#### RFC 1057
65+
66+
- SUCCESS (0)
67+
- PROG_UNAVAIL (1)
68+
- PROG_MISMATCH (2)
69+
- PROC_UNAVAIL (3)
70+
- GARBAGE_ARGS (4)
71+
72+
#### RFC 5531 (Addition)
73+
74+
- SYSTEM_ERR (5) - Added for issues like memory allocation failures
75+
76+
### 4. Data Size Limits
77+
78+
#### RFC 1057
79+
80+
- Opaque authentication bodies: Limited by XDR
81+
- Fragment sizes: Limited by implementation
82+
83+
#### RFC 1831/5531
84+
85+
- Opaque authentication bodies: Up to 400 bytes
86+
- Fragment sizes: Up to 2^31-1 bytes for stream transports (TCP)
87+
88+
**Implementation**: The decoder enforces the 400-byte limit for auth bodies. Fragment size limits for record marking are enforced by the separate `rm` module.
89+
90+
### 5. Batching and Broadcast (RFC 1831)
91+
92+
RFC 1831 explicitly formalized:
93+
94+
- **Batching**: Pipelining sequences of calls without immediate replies over reliable transports
95+
- **Broadcast/Multicast RPC**: Support for multicast RPC over packet-based protocols like UDP
96+
97+
**Implementation Note**: This codec handles message encoding/decoding. Batching and broadcast semantics are implemented at the transport layer by the application.
98+
99+
### 6. Security Considerations (RFC 5531)
100+
101+
RFC 5531 emphasizes:
102+
103+
- AUTH_NONE and AUTH_SYS are weak and SHOULD NOT be used for modifiable data
104+
- Future Standards Track RPC programs MUST support RPCSEC_GSS
105+
- External security measures (e.g., privileged ports) may be necessary
106+
107+
**Implementation Note**: This codec provides the wire format for all authentication flavors. Security policy enforcement is the responsibility of the application layer.
108+
109+
## Program Number Ranges
110+
111+
### RFC 1057
112+
113+
- Simple assignment scheme
114+
115+
### RFC 1831
116+
117+
- 0x00000000-0x1fffffff: Defined by Sun/central authority
118+
- 0x20000000-0x3fffffff: User-defined
119+
- 0x40000000-0x5fffffff: Transient
120+
- 0x60000000-0xffffffff: Reserved
121+
122+
### RFC 5531 (IANA Administration)
123+
124+
- Assignment authority transferred to IANA
125+
- Formal policies: First Come First Served for small blocks, Specification Required for larger ones
126+
- 0x20000000-0x3fffffff: Site-specific use
127+
- Appendix C lists Sun-assigned numbers (e.g., portmapper=100000, NFS=100003)
128+
129+
**Implementation Note**: Program number validation and assignment is not enforced by this codec.
130+
131+
## XDR References
132+
133+
- **RFC 1057**: References original XDR specification
134+
- **RFC 1831**: References RFC 1832 (XDR update)
135+
- **RFC 5531**: References RFC 4506 (STD 67)
136+
137+
This implementation follows XDR encoding as specified in these standards.
138+
139+
## Transport Independence
140+
141+
All RFC versions maintain transport independence. The RPC protocol:
142+
143+
- Does NOT provide reliability (must be provided by transport or application)
144+
- Does NOT attach specific semantics to remote procedures
145+
- Supports both connection-oriented (TCP) and connectionless (UDP) transports
146+
147+
**Record Marking**: For TCP and other stream-oriented transports, RFC 1057 Section 10 specifies a record marking standard. This is implemented in the separate `rm` module (`src/rm/`).
148+
149+
## Compatibility
150+
151+
The implementation is designed to be compatible with all three RFC versions:
152+
153+
- Uses RPC_VERSION = 2 (compatible with all versions)
154+
- Supports all authentication flavors (old and new names)
155+
- Handles all error conditions defined across all RFCs
156+
- Enforces size limits as specified in later RFCs
157+
158+
## References
159+
160+
1. RFC 1057 - RPC: Remote Procedure Call, Version 2 (June 1988)
161+
2. RFC 1831 - RPC: Remote Procedure Call Protocol Specification Version 2 (August 1995)
162+
3. RFC 5531 - RPC: Remote Procedure Call Protocol Specification Version 2 (May 2009)
163+
4. RFC 2203 - RPCSEC_GSS Protocol Specification
164+
5. RFC 5403 - RPCSEC_GSS Version 2
165+
6. RFC 2623 - NFS Version 2 and Version 3 Security Issues and the NFS Protocol's Use of RPCSEC_GSS and Kerberos V5

0 commit comments

Comments
 (0)