diff options
Diffstat (limited to 'crypto/kerberosIV/appl/sample')
-rw-r--r-- | crypto/kerberosIV/appl/sample/Makefile.in | 83 | ||||
-rw-r--r-- | crypto/kerberosIV/appl/sample/sample.h | 76 | ||||
-rw-r--r-- | crypto/kerberosIV/appl/sample/sample_client.c | 168 | ||||
-rw-r--r-- | crypto/kerberosIV/appl/sample/sample_server.c | 155 | ||||
-rw-r--r-- | crypto/kerberosIV/appl/sample/simple.h | 14 | ||||
-rw-r--r-- | crypto/kerberosIV/appl/sample/simple_client.c | 202 | ||||
-rw-r--r-- | crypto/kerberosIV/appl/sample/simple_server.c | 140 |
7 files changed, 0 insertions, 838 deletions
diff --git a/crypto/kerberosIV/appl/sample/Makefile.in b/crypto/kerberosIV/appl/sample/Makefile.in deleted file mode 100644 index d88023a..0000000 --- a/crypto/kerberosIV/appl/sample/Makefile.in +++ /dev/null @@ -1,83 +0,0 @@ -# $Id: Makefile.in,v 1.18 1999/03/10 19:01:13 joda Exp $ - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -top_builddir = ../.. - -CC = @CC@ -LINK = @LINK@ -AR = ar -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ -INSTALL = @INSTALL@ -LIBS = @LIBS@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -libexecdir = @libexecdir@ -bindir = @bindir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -PROG_BIN = sample_client$(EXECSUFFIX) \ - simple_client$(EXECSUFFIX) -PROG_LIBEXEC = sample_server$(EXECSUFFIX) \ - simple_server$(EXECSUFFIX) -PROGS = $(PROG_BIN) $(PROG_LIBEXEC) - -OBJECTS = sample_client.o sample_server.o simple_client.o simple_server.o -SOURCES = sample_client.c sample_server.c simple_client.c simple_server.c - -all: $(PROGS) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $< - -install: all - -uninstall: - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f *.a *.o $(PROGS) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -KLIB=-L../../lib/krb -lkrb -L../../lib/des -ldes -LIBROKEN=-L../../lib/roken -lroken - -sample_client$(EXECSUFFIX): sample_client.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ sample_client.o $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -simple_client$(EXECSUFFIX): simple_client.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ simple_client.o $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -sample_server$(EXECSUFFIX): sample_server.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ sample_server.o $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -simple_server$(EXECSUFFIX): simple_server.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ simple_server.o $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -$(OBJECTS): ../../include/config.h - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/appl/sample/sample.h b/crypto/kerberosIV/appl/sample/sample.h deleted file mode 100644 index d79d574..0000000 --- a/crypto/kerberosIV/appl/sample/sample.h +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: sample.h,v 1.11 1999/12/02 16:58:33 joda Exp $ */ - -#ifdef HAVE_CONFIG_H -#include <config.h> -#endif /* HAVE_CONFIG_H */ - -#include <stdio.h> -#include <stdlib.h> -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif -#ifdef HAVE_SYS_TYPES_H -#include <sys/types.h> -#endif -#ifdef HAVE_SYS_SOCKET_H -#include <sys/socket.h> -#endif -#ifdef HAVE_NETINET_IN_H -#include <netinet/in.h> -#endif -#ifdef HAVE_ARPA_INET_H -#include <arpa/inet.h> -#endif -#ifdef HAVE_NETDB_H -#include <netdb.h> -#endif -#include <errno.h> -#ifdef SOCKS -#include <socks.h> -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); -#endif - -#include <err.h> -#include <krb.h> - -#include <roken.h> - -#define SAMPLE_PORT 6354 - -#define SAMPLE_SERVICE "sample" -#define SAMPLE_VERSION "VERSION9" diff --git a/crypto/kerberosIV/appl/sample/sample_client.c b/crypto/kerberosIV/appl/sample/sample_client.c deleted file mode 100644 index d0ec1c5..0000000 --- a/crypto/kerberosIV/appl/sample/sample_client.c +++ /dev/null @@ -1,168 +0,0 @@ -/* - * - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, - * please see the file <mit-copyright.h>. - * - * sample_client: - * A sample Kerberos client, which connects to a server on a remote host, - * at port "sample" (be sure to define it in /etc/services) - * and authenticates itself to the server. The server then writes back - * (in ASCII) the authenticated name. - * - * Usage: - * sample_client <hostname> <checksum> - * - * <hostname> is the name of the foreign host to contact. - * - * <checksum> is an integer checksum to be used for the call to krb_mk_req() - * and mutual authentication - * - */ - -#include "sample.h" - -RCSID("$Id: sample_client.c,v 1.21 1999/11/13 06:27:01 assar Exp $"); - -static void -usage (void) -{ - fprintf (stderr, "Usage: %s [-s service] [-p port] hostname checksum\n", - __progname); - exit (1); -} - -int -main(int argc, char **argv) -{ - struct hostent *hp; - struct sockaddr_in sin, lsin; - char *remote_host; - int status; - int namelen; - int sock = -1; - KTEXT_ST ticket; - char buf[512]; - long authopts; - MSG_DAT msg_data; - CREDENTIALS cred; - des_key_schedule sched; - u_int32_t cksum; - int c; - char service[SNAME_SZ]; - u_int16_t port; - struct servent *serv; - char **h_addr_list; - - set_progname (argv[0]); - strlcpy (service, SAMPLE_SERVICE, sizeof(service)); - port = 0; - - while ((c = getopt(argc, argv, "s:p:")) != -1) - switch(c) { - case 's' : - strlcpy (service, optarg, sizeof(service)); - break; - case 'p' : - serv = getservbyname (optarg, "tcp"); - if (serv) - port = serv->s_port; - else - port = htons(atoi(optarg)); - break; - case '?' : - default : - usage(); - } - - argc -= optind; - argv += optind; - - if (argc != 2) - usage (); - - /* convert cksum to internal rep */ - cksum = atoi(argv[1]); - - printf("Setting checksum to %ld\n", (long)cksum); - - /* clear out the structure first */ - memset(&sin, 0, sizeof(sin)); - sin.sin_family = AF_INET; - if (port) - sin.sin_port = port; - else - sin.sin_port = k_getportbyname (service, "tcp", htons(SAMPLE_PORT)); - - /* look up the server host */ - hp = gethostbyname(argv[0]); - if (hp == NULL) - errx (1, "gethostbyname(%s): %s", argv[0], - hstrerror(h_errno)); - - /* copy the hostname into non-volatile storage */ - remote_host = strdup(hp->h_name); - if (remote_host == NULL) - errx (1, "strdup: out of memory"); - - /* set up the address of the foreign socket for connect() */ - sin.sin_family = hp->h_addrtype; - - for (h_addr_list = hp->h_addr_list; - *h_addr_list; - ++h_addr_list) { - memcpy(&sin.sin_addr, *h_addr_list, sizeof(sin.sin_addr)); - fprintf (stderr, "Trying %s...\n", inet_ntoa(sin.sin_addr)); - - /* open a TCP socket */ - sock = socket(PF_INET, SOCK_STREAM, 0); - if (sock < 0) - err (1, "socket"); - - /* connect to the server */ - if (connect(sock, (struct sockaddr *)&sin, sizeof(sin)) >= 0) - break; - close (sock); - } - - if (*h_addr_list == NULL) - err (1, "connect"); - - /* find out who I am, now that we are connected and therefore bound */ - namelen = sizeof(lsin); - if (getsockname(sock, (struct sockaddr *) &lsin, &namelen) < 0) { - close (sock); - err (1, "getsockname"); - } - - /* call Kerberos library routine to obtain an authenticator, - pass it over the socket to the server, and obtain mutual - authentication. */ - - authopts = KOPT_DO_MUTUAL; - status = krb_sendauth(authopts, sock, &ticket, - service, remote_host, - NULL, cksum, &msg_data, &cred, - sched, &lsin, &sin, SAMPLE_VERSION); - if (status != KSUCCESS) - errx (1, "cannot authenticate to server: %s", - krb_get_err_text(status)); - - /* After we send the authenticator to the server, it will write - back the name we authenticated to. Read what it has to say. */ - status = read(sock, buf, sizeof(buf)); - if (status < 0) - errx(1, "read"); - - /* make sure it's null terminated before printing */ - if (status < sizeof(buf)) - buf[status] = '\0'; - else - buf[sizeof(buf) - 1] = '\0'; - - printf("The server says:\n%s\n", buf); - - close(sock); - return 0; -} diff --git a/crypto/kerberosIV/appl/sample/sample_server.c b/crypto/kerberosIV/appl/sample/sample_server.c deleted file mode 100644 index 65b61ae..0000000 --- a/crypto/kerberosIV/appl/sample/sample_server.c +++ /dev/null @@ -1,155 +0,0 @@ -/* $FreeBSD$ */ - -/* - * - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, - * please see the file <mit-copyright.h>. - * - * sample_server: - * A sample Kerberos server, which reads a ticket from a TCP socket, - * decodes it, and writes back the results (in ASCII) to the client. - * - * Usage: - * sample_server - * - * file descriptor 0 (zero) should be a socket connected to the requesting - * client (this will be correct if this server is started by inetd). - */ - -#include "sample.h" - -RCSID("$Id: sample_server.c,v 1.14.2.1 2000/06/28 19:08:00 assar Exp $"); - -static void -usage (void) -{ - fprintf (stderr, "Usage: %s [-i] [-s service] [-t srvtab]\n", - __progname); - exit (1); -} - -int -main(int argc, char **argv) -{ - struct sockaddr_in peername, myname; - int namelen = sizeof(peername); - int status, count, len; - long authopts; - AUTH_DAT auth_data; - KTEXT_ST clt_ticket; - des_key_schedule sched; - char instance[INST_SZ]; - char service[ANAME_SZ]; - char version[KRB_SENDAUTH_VLEN+1]; - char retbuf[512]; - char lname[ANAME_SZ]; - char srvtab[MaxPathLen]; - int c; - int no_inetd = 0; - - /* open a log connection */ - - set_progname (argv[0]); - - roken_openlog(__progname, LOG_ODELAY, LOG_DAEMON); - - strlcpy (service, SAMPLE_SERVICE, sizeof(service)); - *srvtab = '\0'; - - while ((c = getopt (argc, argv, "s:t:i")) != -1) - switch (c) { - case 's' : - strlcpy (service, optarg, sizeof(service)); - break; - case 't' : - strlcpy (srvtab, optarg, sizeof(srvtab)); - break; - case 'i': - no_inetd = 1; - break; - case '?' : - default : - usage (); - } - - if (no_inetd) - mini_inetd (htons(SAMPLE_PORT)); - - /* - * To verify authenticity, we need to know the address of the - * client. - */ - if (getpeername(STDIN_FILENO, - (struct sockaddr *)&peername, - &namelen) < 0) { - syslog(LOG_ERR, "getpeername: %m"); - return 1; - } - - /* for mutual authentication, we need to know our address */ - namelen = sizeof(myname); - if (getsockname(STDIN_FILENO, (struct sockaddr *)&myname, &namelen) < 0) { - syslog(LOG_ERR, "getsocknamename: %m"); - return 1; - } - - /* read the authenticator and decode it. Using `k_getsockinst' we - * always get the right instance on a multi-homed host. - */ - k_getsockinst (STDIN_FILENO, instance, sizeof(instance)); - - /* we want mutual authentication */ - authopts = KOPT_DO_MUTUAL; - status = krb_recvauth(authopts, STDIN_FILENO, &clt_ticket, - service, instance, &peername, &myname, - &auth_data, srvtab, - sched, version); - if (status != KSUCCESS) { - snprintf(retbuf, sizeof(retbuf), - "Kerberos error: %s\n", - krb_get_err_text(status)); - syslog(LOG_ERR, "%s", retbuf); - } else { - /* Check the version string (KRB_SENDAUTH_VLEN chars) */ - if (strncmp(version, SAMPLE_VERSION, KRB_SENDAUTH_VLEN)) { - /* didn't match the expected version */ - /* could do something different, but we just log an error - and continue */ - version[8] = '\0'; /* make sure null term */ - syslog(LOG_ERR, "Version mismatch: '%s' isn't '%s'", - version, SAMPLE_VERSION); - } - /* now that we have decoded the authenticator, translate - the kerberos principal.instance@realm into a local name */ - if (krb_kntoln(&auth_data, lname) != KSUCCESS) - strlcpy(lname, - "*No local name returned by krb_kntoln*", - sizeof(lname)); - /* compose the reply */ - snprintf(retbuf, sizeof(retbuf), - "You are %s.%s@%s (local name %s),\n at address %s, version %s, cksum %ld\n", - auth_data.pname, - auth_data.pinst, - auth_data.prealm, - lname, - inet_ntoa(peername.sin_addr), - version, - (long)auth_data.checksum); - } - - /* write back the response */ - if ((count = write(0, retbuf, (len = strlen(retbuf) + 1))) < 0) { - syslog(LOG_ERR,"write: %m"); - return 1; - } else if (count != len) { - syslog(LOG_ERR, "write count incorrect: %d != %d\n", - count, len); - return 1; - } - - /* close up and exit */ - close(0); - return 0; -} diff --git a/crypto/kerberosIV/appl/sample/simple.h b/crypto/kerberosIV/appl/sample/simple.h deleted file mode 100644 index 17315b3..0000000 --- a/crypto/kerberosIV/appl/sample/simple.h +++ /dev/null @@ -1,14 +0,0 @@ -/* - * $Id: simple.h,v 1.3 1996/09/27 15:54:23 assar Exp $ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Common definitions for the simple UDP-based Kerberos-mediated - * server & client applications. - */ - -#define SERVICE "sample" -#define HOST "bach" diff --git a/crypto/kerberosIV/appl/sample/simple_client.c b/crypto/kerberosIV/appl/sample/simple_client.c deleted file mode 100644 index 434150d..0000000 --- a/crypto/kerberosIV/appl/sample/simple_client.c +++ /dev/null @@ -1,202 +0,0 @@ -/* - * - * Copyright 1989 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Simple UDP-based sample client program. For demonstration. - * This program performs no useful function. - */ - -#include "sample.h" -RCSID("$Id: simple_client.c,v 1.15 1999/11/13 06:29:01 assar Exp $"); - -#define MSG "hi, Jennifer!" /* message text */ - -static int -talkto(char *hostname, char *service, int port) -{ - int flags = 0; /* flags for sendto() */ - long len; - u_long cksum = 0L; /* cksum not used */ - char c_realm[REALM_SZ]; /* local Kerberos realm */ - char *s_realm; /* server's Kerberos realm */ - - KTEXT_ST k; /* Kerberos data */ - KTEXT ktxt = &k; - - int sock, i; - struct hostent *host; - struct sockaddr_in s_sock; /* server address */ - char myhostname[MaxHostNameLen]; /* local hostname */ - - /* for krb_mk_safe/priv */ - struct sockaddr_in c_sock; /* client address */ - CREDENTIALS c; /* ticket & session key */ - CREDENTIALS *cred = &c; - - /* for krb_mk_priv */ - des_key_schedule sched; /* session key schedule */ - - /* Look up server host */ - if ((host = gethostbyname(hostname)) == NULL) { - fprintf(stderr, "%s: unknown host \n", hostname); - return 1; - } - - /* Set server's address */ - memset(&s_sock, 0, sizeof(s_sock)); - memcpy(&s_sock.sin_addr, host->h_addr, sizeof(s_sock.sin_addr)); - s_sock.sin_family = AF_INET; - if (port) - s_sock.sin_port = port; - else - s_sock.sin_port = k_getportbyname (service, "tcp", htons(SAMPLE_PORT)); - - if (gethostname(myhostname, sizeof(myhostname)) < 0) { - warn("gethostname"); - return 1; - } - - if ((host = gethostbyname(myhostname)) == NULL) { - fprintf(stderr, "%s: unknown host\n", myhostname); - return 1; - } - - /* Open a socket */ - if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { - warn("socket SOCK_DGRAM"); - return 1; - } - - memset(&c_sock, 0, sizeof(c_sock)); - memcpy(&c_sock.sin_addr, host->h_addr, sizeof(c_sock.sin_addr)); - c_sock.sin_family = AF_INET; - - /* Bind it to set the address; kernel will fill in port # */ - if (bind(sock, (struct sockaddr *)&c_sock, sizeof(c_sock)) < 0) { - warn("bind"); - return 1; - } - - /* Get local realm, not needed, just an example */ - if ((i = krb_get_lrealm(c_realm, 1)) != KSUCCESS) { - fprintf(stderr, "can't find local Kerberos realm\n"); - return 1; - } - printf("Local Kerberos realm is %s\n", c_realm); - - /* Get Kerberos realm of host */ - s_realm = krb_realmofhost(hostname); - - /* PREPARE KRB_MK_REQ MESSAGE */ - - /* Get credentials for server, create krb_mk_req message */ - if ((i = krb_mk_req(ktxt, service, hostname, s_realm, cksum)) - != KSUCCESS) { - fprintf(stderr, "%s\n", krb_get_err_text(i)); - return 1; - } - printf("Got credentials for %s.\n", service); - - /* Send authentication info to server */ - i = sendto(sock, (char *)ktxt->dat, ktxt->length, flags, - (struct sockaddr *)&s_sock, sizeof(s_sock)); - if (i < 0) - warn("sending datagram message"); - printf("Sent authentication data: %d bytes\n", i); - - /* PREPARE KRB_MK_SAFE MESSAGE */ - - /* Get my address */ - memset(&c_sock, 0, sizeof(c_sock)); - i = sizeof(c_sock); - if (getsockname(sock, (struct sockaddr *)&c_sock, &i) < 0) { - warn("getsockname"); - return 1; - } - - /* Get session key */ - i = krb_get_cred(service, hostname, s_realm, cred); - if (i != KSUCCESS) - return 1; - - /* Make the safe message */ - len = krb_mk_safe(MSG, ktxt->dat, strlen(MSG)+1, - &cred->session, &c_sock, &s_sock); - - /* Send it */ - i = sendto(sock, (char *)ktxt->dat, (int) len, flags, - (struct sockaddr *)&s_sock, sizeof(s_sock)); - if (i < 0) - warn("sending safe message"); - printf("Sent checksummed message: %d bytes\n", i); - - /* PREPARE KRB_MK_PRIV MESSAGE */ - -#ifdef NOENCRYPTION - memset(sched, 0, sizeof(sched)); -#else - /* Get key schedule for session key */ - des_key_sched(&cred->session, sched); -#endif - - /* Make the encrypted message */ - len = krb_mk_priv(MSG, ktxt->dat, strlen(MSG)+1, - sched, &cred->session, &c_sock, &s_sock); - - /* Send it */ - i = sendto(sock, (char *)ktxt->dat, (int) len, flags, - (struct sockaddr *)&s_sock, sizeof(s_sock)); - if (i < 0) - warn("sending encrypted message"); - printf("Sent encrypted message: %d bytes\n", i); - return 0; -} - -static void -usage (void) -{ - fprintf (stderr, "Usage: %s [-s service] [-p port] hostname\n", - __progname); - exit (1); -} - -int -main(int argc, char **argv) -{ - int ret = 0; - int port = 0; - char service[SNAME_SZ]; - struct servent *serv; - int c; - - set_progname (argv[0]); - - strlcpy (service, SAMPLE_SERVICE, sizeof(service)); - - while ((c = getopt(argc, argv, "s:p:")) != -1) - switch(c) { - case 's' : - strlcpy (service, optarg, sizeof(service)); - break; - case 'p' : - serv = getservbyname (optarg, "tcp"); - if (serv) - port = serv->s_port; - else - port = htons(atoi(optarg)); - break; - case '?' : - default : - usage(); - } - - argc -= optind; - argv += optind; - - while (argc-- > 0) - ret &= talkto (*argv++, service, port); - return ret; -} diff --git a/crypto/kerberosIV/appl/sample/simple_server.c b/crypto/kerberosIV/appl/sample/simple_server.c deleted file mode 100644 index 05baa4e..0000000 --- a/crypto/kerberosIV/appl/sample/simple_server.c +++ /dev/null @@ -1,140 +0,0 @@ -/* - * - * Copyright 1989 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Simple UDP-based server application. For demonstration. - * This program performs no useful function. - */ - -#include "sample.h" - -RCSID("$Id: simple_server.c,v 1.11 1999/11/13 06:29:24 assar Exp $"); - -static void -usage (void) -{ - fprintf (stderr, "Usage: %s [-p port] [-s service] [-t srvtab]\n", - __progname); - exit (1); -} - -int -main(int argc, char **argv) -{ - char service[SNAME_SZ]; - char instance[INST_SZ]; - int port; - char srvtab[MaxPathLen]; - struct sockaddr_in addr, otheraddr; - int c; - int sock; - int i; - int len; - KTEXT_ST k; - KTEXT ktxt = &k; - AUTH_DAT ad; - MSG_DAT msg_data; - des_key_schedule sched; - - set_progname (argv[0]); - strlcpy (service, SAMPLE_SERVICE, sizeof(service)); - strlcpy (instance, "*", sizeof(instance)); - *srvtab = '\0'; - port = 0; - - while ((c = getopt (argc, argv, "p:s:t:")) != -1) - switch (c) { - case 'p' : { - struct servent *sp; - - sp = getservbyname (optarg, "udp"); - if (sp) - port = sp->s_port; - else - port = htons(atoi(optarg)); - break; - } - case 's' : - strlcpy (service, optarg, sizeof(service)); - break; - case 't' : - strlcpy (srvtab, optarg, sizeof(srvtab)); - break; - case '?' : - default : - usage (); - } - - if(port == 0) - port = k_getportbyname (SAMPLE_SERVICE, "udp", htons(SAMPLE_PORT)); - - memset (&addr, 0, sizeof(addr)); - addr.sin_family = AF_INET; - addr.sin_port = port; - - sock = socket (AF_INET, SOCK_DGRAM, 0); - if (sock < 0) - err (1, "socket"); - - if (bind (sock, (struct sockaddr *)&addr, sizeof(addr)) < 0) - err (1, "bind"); - - /* GET KRB_MK_REQ MESSAGE */ - - i = read(sock, ktxt->dat, MAX_KTXT_LEN); - if (i < 0) - err (1, "read"); - - printf("Received %d bytes\n", i); - ktxt->length = i; - - /* Check authentication info */ - i = krb_rd_req(ktxt, service, instance, 0, &ad, ""); - if (i != KSUCCESS) - errx (1, "krb_rd_req: %s", krb_get_err_text(i)); - printf("Got authentication info from %s%s%s@%s\n", ad.pname, - *ad.pinst ? "." : "", ad.pinst, ad.prealm); - - /* GET KRB_MK_SAFE MESSAGE */ - - /* use "recvfrom" so we know client's address */ - len = sizeof(otheraddr); - i = recvfrom(sock, ktxt->dat, MAX_KTXT_LEN, 0, - (struct sockaddr *)&otheraddr, &len); - if (i < 0) - err (1, "recvfrom"); - printf("Received %d bytes\n", i); - - /* Verify the checksummed message */ - i = krb_rd_safe(ktxt->dat, i, &ad.session, &otheraddr, - &addr, &msg_data); - if (i != KSUCCESS) - errx (1, "krb_rd_safe: %s", krb_get_err_text(i)); - printf("Safe message is: %s\n", msg_data.app_data); - - /* NOW GET ENCRYPTED MESSAGE */ - -#ifdef NOENCRYPTION - memset(sched, 0, sizeof(sched)); -#else - /* need key schedule for session key */ - des_key_sched(&ad.session, sched); -#endif - - /* use "recvfrom" so we know client's address */ - len = sizeof(otheraddr); - i = recvfrom(sock, ktxt->dat, MAX_KTXT_LEN, 0, - (struct sockaddr *)&otheraddr, &len); - if (i < 0) - err (1, "recvfrom"); - printf("Received %d bytes\n", i); - i = krb_rd_priv(ktxt->dat, i, sched, &ad.session, &otheraddr, - &addr, &msg_data); - if (i != KSUCCESS) - errx (1, "krb_rd_priv: %s", krb_get_err_text(i)); - printf("Decrypted message is: %s\n", msg_data.app_data); - return(0); -} |