1 files changed, 104 insertions, 25 deletions

diff --git a/crypto/kerberosIV/appl/kip/kipd.c b/crypto/kerberosIV/appl/kip/kipd.c
index 429f815..74e8ac2 100644
--- a/crypto/kerberosIV/appl/kip/kipd.c
+++ b/crypto/kerberosIV/appl/kip/kipd.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden).
  * All rights reserved.
  * 
@@ -33,22 +33,11 @@
 
 #include "kip.h"
 
-RCSID("$Id: kipd.c,v 1.16 1999/12/02 16:58:31 joda Exp $");
-
-static int
-fatal (int fd, char *s)
-{
-     u_char err = 1;
-
-     write (fd, &err, sizeof(err));
-     write (fd, s, strlen(s)+1);
-     syslog(LOG_ERR, s);
-     return err;
-}
+RCSID("$Id: kipd.c,v 1.16.2.3 2000/10/18 20:46:45 assar Exp $");
 
 static int
 recv_conn (int sock, des_cblock *key, des_key_schedule schedule,
-	   struct sockaddr_in *retaddr)
+	   struct sockaddr_in *retaddr, char *user, size_t len)
 {
      int status;
      KTEXT_ST ticket;
@@ -80,13 +69,21 @@ recv_conn (int sock, des_cblock *key, des_key_schedule schedule,
 	  return 1;
      }
      passwd = k_getpwnam ("root");
-     if (passwd == NULL)
-	  return fatal (sock, "Cannot find root");
-     if (kuserok(&auth, "root") != 0)
-	  return fatal (sock, "Permission denied");
+     if (passwd == NULL) {
+	  fatal (sock, "Cannot find root", schedule, &auth.session);
+	  return 1;
+     }
+     if (kuserok(&auth, "root") != 0) {
+	  fatal (sock, "Permission denied", schedule, &auth.session);
+	  return 1;
+     }
      if (write (sock, &ok, sizeof(ok)) != sizeof(ok))
 	  return 1;
 
+     snprintf (user, len, "%s%s%s@%s", auth.pname, 
+	       auth.pinst[0] != '\0' ? "." : "",
+	       auth.pinst, auth.prealm);
+
      memcpy(key, &auth.session, sizeof(des_cblock));
      *retaddr = thataddr;
      return 0;
@@ -95,17 +92,64 @@ recv_conn (int sock, des_cblock *key, des_key_schedule schedule,
 static int
 doit(int sock)
 {
+     char msg[1024];
+     char cmd[MAXPATHLEN];
+     char tun_if_name[64];
+     char user[MAX_K_NAME_SZ];
      struct sockaddr_in thataddr;
      des_key_schedule schedule;
      des_cblock key;
-     int this;
+     int this, ret, ret2;
 
-     if (recv_conn (sock, &key, schedule, &thataddr))
+     isserver = 1;
+
+     if (recv_conn (sock, &key, schedule, &thataddr, user, sizeof(user)))
 	  return 1;
-     this = tunnel_open ();
+     this = tunnel_open (tun_if_name, sizeof(tun_if_name));
      if (this < 0)
-	  fatal (sock, "Cannot open " _PATH_DEV TUNDEV);
-     return copy_packets (this, sock, TUNMTU, &key, schedule);
+	  fatal (sock, "Cannot open " _PATH_DEV TUNDEV, schedule, &key);
+
+     strlcpy(cmd, LIBEXECDIR "/kipd-control", sizeof(cmd));
+
+     ret = kip_exec (cmd, msg, sizeof(msg), "kipd-control",
+		     "up", tun_if_name, inet_ntoa(thataddr.sin_addr), user,
+		     NULL);
+     if (ret) {
+	 fatal (sock, msg, schedule, &key);
+	 return -1;
+     }
+
+     ret = copy_packets (this, sock, TUNMTU, &key, schedule);
+     
+     ret2 = kip_exec (cmd,  msg, sizeof(msg), "kipd-control",
+		      "down", tun_if_name, user, NULL);
+     if (ret2)
+	 syslog(LOG_ERR, "%s", msg);
+     return ret;
+}
+
+static char *port_str		= NULL;
+static int inetd_flag		= 1;
+static int version_flag		= 0;
+static int help_flag		= 0;
+
+struct getargs args[] = {
+    { "inetd",		'i',	arg_negative_flag,	&inetd_flag,
+      "Not started from inetd" },
+    { "port",		'p',	arg_string,	&port_str,	"Use this port",
+      "port" },
+    { "version",	0, 	arg_flag,		&version_flag },
+    { "help",		0, 	arg_flag,		&help_flag }
+};
+
+static void
+usage(int ret)
+{
+    arg_printusage (args,
+		    sizeof(args) / sizeof(args[0]),
+		    NULL,
+		    "");
+    exit (ret);
 }
 
 /*
@@ -115,9 +159,44 @@ doit(int sock)
 int
 main (int argc, char **argv)
 {
-    set_progname (argv[0]);
+    int port;
+    int optind = 0;
 
+    set_progname (argv[0]);
     roken_openlog(__progname, LOG_PID|LOG_CONS, LOG_DAEMON);
+
+    if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv,
+		&optind))
+	usage (1);
+
+    if (help_flag)
+	usage (0);
+
+    if (version_flag) {
+	print_version (NULL);
+	return 0;
+    }
+
+    if(port_str) {
+	struct servent *s = roken_getservbyname (port_str, "tcp");
+
+	if (s)
+	    port = s->s_port;
+	else {
+	    char *ptr;
+
+	    port = strtol (port_str, &ptr, 10);
+	    if (port == 0 && ptr == port_str)
+		errx (1, "bad port `%s'", port_str);
+	    port = htons(port);
+	}
+    } else {
+	port = k_getportbyname ("kip", "tcp", htons(KIPPORT));
+    }
+
+    if (!inetd_flag)
+	mini_inetd (port);
+
     signal (SIGCHLD, childhandler);
-    return doit(0);
+    return doit(STDIN_FILENO);
 }