diff options
Diffstat (limited to 'lib/librpc/secure_rpc')
44 files changed, 0 insertions, 7088 deletions
diff --git a/lib/librpc/secure_rpc/README b/lib/librpc/secure_rpc/README deleted file mode 100644 index b8a860e..0000000 --- a/lib/librpc/secure_rpc/README +++ /dev/null @@ -1,92 +0,0 @@ -Export restriction prohibit us from including DES encryption routines in RPCSRC -4.0. The main RPCSRC 4.0 hierarchy does not include DES Authentication, -however this directory contains the documentation and code used to build secure -rpc. THIS DISTRIBUTION OF SECURE RPC NEEDS EXTENSIVE WORK BEFORE IT CAN BE -USED. PLEASE READ THE PORTING GUIDLINES BELOW. - -HIERARCHY - -bin/ - - This directory contains chkey and keylogin. These are user programs - used to establish the credentials of an RPC user. - -demo/ - The 'whoami' service is found here. It can be used to test secure RPC. - rpcgen is used to build the client and server. - -des/ - - des_crypt.h defines the interfaces to cbc_crypt() and ecb_crypt(), - the DES routines used by DES Authentication. - des.h defines the desparams structure that is used internally by - these routines. Secure RPC expects it to be installed in - /usr/include/sys. - des_crypt.c defines the cbc_crypt() and ecb_crypt() routines. These - eventually call the routine _des_crypt(), which is *not* provided. - des_soft.c contains the des_setparity() routine. - -doc/ - - The document "nfs.secure.ms" is found here. It describes Secure - RPC and Secure NFS. - -keyserv/ - - This is an RPC based program that stores the private keys for - users that are using secure RPC. - -man/ - - Manual pages for the programs and library routines are found here. - -rpc/ - - The routines in this directory should be integrated with the - default rpc directory to make a single RPC library. The Makefile - found in this directory replaces the one in ../rpc. Note: the file - svc_auth.c in this directory replaces the one in ../rpc. Also, the - file ../rpc/rpc.h should be edited to include the file <rpc/des_auth.h> - (it presently is commented out). - -PORTING GUIDELINES - -You will need to provide a DES encryption routine. man/des_crypt.3 describes -the interface to ecb_crypt() and cbc_crypt() (secure RPC uses both modes). The -des/ directory has the "front-end" for these routines in the des_crypt.c file. - -Since public key authentication systems require a network global data lookup -facility, this implementation uses Sun's Yellow Pages. If your site does not -have Yellow Pages, you will have to modify the routines in rpc/publickey.c and -bin/chkey.c. One possible approach is to replace the YP calls with code to -read the file /etc/publickey; this file would presumably be shared by all -secure RPC sites via NFS or some equivalent file sharing facility. If you wish -to implement YP yourself, the RPCL (.x) protocol description file can be found -in ../rpcsvc/yp.x. - -The routines in rpc/ and keyserv/ assume that the file des/des_crypt.h -is installed in /usr/include (they include <des_crypt.h>). The file -des/des_crypt.c assumes that des.h is installed in /usr/include/sys (it -include <sys/des.h>). The des/ directory does not have a Makefile that -would install these header files, so you will either have to do this -by hand, or modify the routines to include the header files in a way suitable -for your site. - -While the programs in bin/ and keyserv/ can be built in place (assuming -the header files they include and the RPC library are available), the files -in rpc/ must be moved into ../rpc/, the main RPC library. The Makefile and -svc_auth.c found in rpc/ will replace those found in ../rpc/. You must also -edit ../rpc/rpc.h to include <rpc/des_auth.h>. - -OPERATION - -Please read the documentation and manual pages for information on how to -administer secure RPC. - -In the demo/ directory you'll find the 'whoami' service. This service uses DES -Authentication, and can be used to check out secure RPC. The client program, -'rme' takes a host as an argument. This host must be running the keyserv -daemon and the 'whoami_svc' server. The service returns the identity of the -client-user as known to the system on which the server is running. This -information is only returned, however, if the client request has proper DES -credentials. diff --git a/lib/librpc/secure_rpc/bin/Makefile b/lib/librpc/secure_rpc/bin/Makefile deleted file mode 100644 index 9d08018..0000000 --- a/lib/librpc/secure_rpc/bin/Makefile +++ /dev/null @@ -1,50 +0,0 @@ -# -# @(#)Makefile 2.1 88/08/10 4.0 RPCSRC -# -DESTDIR= -CFLAGS= -O -RPCLIB= -lrpclib - -# C programs that live in the current directory and need explicit make lines. -# (make depend has special rules for these files) -# -NSTD= chkey keylogin - -all: ${NSTD} - -chkey: chkey.c - ${CC} ${CFLAGS} -o chkey chkey.c -lrpcsvc -lmp ${RPCLIB} - -keylogin: keylogin.c - ${CC} ${CFLAGS} -o keylogin keylogin.c -lrpcsvc ${RPCLIB} - -install: - -for i in ${NSTD}; do \ - (install -s $$i ${DESTDIR}/usr/bin/$$i); done - -clean: - rm -f a.out core *.s *.o - rm -f ${NSTD} - -depend: - for i in ${NSTD}; do \ - cc -M ${INCPATH} $$i.c | sed 's/\.o//' | \ - awk ' { if ($$1 != prev) \ - { if (rec != "") print rec; rec = $$0; prev = $$1; } \ - else { if (length(rec $$2) > 78) { print rec; rec = $$0; } \ - else rec = rec " " $$2 } } \ - END { print rec } ' >> makedep; done - echo '/^# DO NOT DELETE THIS LINE/+2,$$d' >eddep - echo '$$r makedep' >>eddep - echo 'w' >>eddep - cp Makefile Makefile.bak - ed - Makefile < eddep - rm eddep makedep - echo '# DEPENDENCIES MUST END AT END OF FILE' >> Makefile - echo '# IF YOU PUT STUFF HERE IT WILL GO AWAY' >> Makefile - echo '# see make depend above' >> Makefile - -# Files listed in ${NSTD} have explicit make lines given below. - -# DO NOT DELETE THIS LINE -- make depend uses it - diff --git a/lib/librpc/secure_rpc/bin/chkey.c b/lib/librpc/secure_rpc/bin/chkey.c deleted file mode 100644 index eefb34e..0000000 --- a/lib/librpc/secure_rpc/bin/chkey.c +++ /dev/null @@ -1,302 +0,0 @@ -#ifndef lint -static char sccsid[] = "@(#)chkey.c 2.3 88/08/15 4.0 RPCSRC"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ -/* - * Copyright (c) 1988 by Sun Microsystems, Inc. - */ - -/* - * Command to change one's public key in the public key database - */ -#include <stdio.h> -#include <rpc/rpc.h> -#include <rpc/key_prot.h> -#include <rpcsvc/ypclnt.h> -#include <sys/file.h> -#include <pwd.h> -#include <mp.h> - -extern char *getpass(); -extern char *index(); -extern char *crypt(); -extern char *sprintf(); -extern long random(); - -static char PKMAP[] = "publickey.byname"; -static char *domain; -struct passwd *ypgetpwuid(); - -main(argc, argv) - int argc; - char **argv; -{ - char name[MAXNETNAMELEN+1]; - char public[HEXKEYBYTES + 1]; - char secret[HEXKEYBYTES + 1]; - char crypt1[HEXKEYBYTES + KEYCHECKSUMSIZE + 1]; - char crypt2[HEXKEYBYTES + KEYCHECKSUMSIZE + 1]; - int status; - char *pass; - struct passwd *pw; - char *master; - int euid; - int fd; - int force; - char *self; - - self = argv[0]; - force = 0; - for (argc--, argv++; argc > 0 && **argv == '-'; argc--, argv++) { - if (argv[0][2] != 0) { - usage(self); - } - switch (argv[0][1]) { - case 'f': - force = 1; - break; - default: - usage(self); - } - } - if (argc != 0) { - usage(self); - } - - (void)yp_get_default_domain(&domain); - if (yp_master(domain, PKMAP, &master) != 0) { - (void)fprintf(stderr, - "can't find master of publickey database\n"); - exit(1); - } - - getnetname(name); - (void)printf("Generating new key for %s.\n", name); - - euid = geteuid(); - if (euid != 0) { - pw = ypgetpwuid(euid); - if (pw == NULL) { - (void)fprintf(stderr, - "No yp password found: can't change key.\n"); - exit(1); - } - } else { - pw = getpwuid(0); - if (pw == NULL) { - (void)fprintf(stderr, - "No password found: can't change key.\n"); - exit(1); - } - } - pass = getpass("Password:"); - if (!force) { - if (strcmp(crypt(pass, pw->pw_passwd), pw->pw_passwd) != 0) { - (void)fprintf(stderr, "Invalid password.\n"); - exit(1); - } - } - - genkeys(public, secret, pass); - - bcopy(secret, crypt1, HEXKEYBYTES); - bcopy(secret, crypt1 + HEXKEYBYTES, KEYCHECKSUMSIZE); - crypt1[HEXKEYBYTES + KEYCHECKSUMSIZE] = 0; - xencrypt(crypt1, pass); - - if (force) { - bcopy(crypt1, crypt2, HEXKEYBYTES + KEYCHECKSUMSIZE + 1); - xdecrypt(crypt2, getpass("Retype password:")); - if (bcmp(crypt2, crypt2 + HEXKEYBYTES, KEYCHECKSUMSIZE) != 0 || - bcmp(crypt2, secret, HEXKEYBYTES) != 0) { - (void)fprintf(stderr, "Password incorrect.\n"); - exit(1); - } - } - - (void)printf("Sending key change request to %s...\n", master); - status = setpublicmap(name, public, crypt1); - if (status != 0) { - (void)printf("%s: unable to update yp database (%u): %s\n", - self, status, yperr_string(status)); - (void)printf("Perhaps %s is down?\n", master); - exit(1); - } - (void)printf("Done.\n"); - - if (key_setsecret(secret) < 0) { - (void)printf("Unable to login with new secret key.\n"); - exit(1); - } -} - -usage(name) - char *name; -{ - (void)fprintf(stderr, "usage: %s [-f]\n", name); - exit(1); -} - - -/* - * Generate a seed - */ -getseed(seed, seedsize, pass) - char *seed; - int seedsize; - unsigned char *pass; -{ - int i; - int rseed; - struct timeval tv; - - (void)gettimeofday(&tv, (struct timezone *)NULL); - rseed = tv.tv_sec + tv.tv_usec; - for (i = 0; i < 8; i++) { - rseed ^= (rseed << 8) | pass[i]; - } - srandom(rseed); - - for (i = 0; i < seedsize; i++) { - seed[i] = (random() & 0xff) ^ pass[i % 8]; - } -} - - -/* - * Generate a random public/secret key pair - */ -genkeys(public, secret, pass) - char *public; - char *secret; - char *pass; -{ - int i; - -#define BASEBITS (8*sizeof(short) - 1) -#define BASE (1 << BASEBITS) - - MINT *pk = itom(0); - MINT *sk = itom(0); - MINT *tmp; - MINT *base = itom(BASE); - MINT *root = itom(PROOT); - MINT *modulus = xtom(HEXMODULUS); - short r; - unsigned short seed[KEYSIZE/BASEBITS + 1]; - char *xkey; - - getseed((char *)seed, sizeof(seed), (unsigned char *)pass); - for (i = 0; i < KEYSIZE/BASEBITS + 1; i++) { - r = seed[i] % BASE; - tmp = itom(r); - mult(sk, base, sk); - madd(sk, tmp, sk); - mfree(tmp); - } - tmp = itom(0); - mdiv(sk, modulus, tmp, sk); - mfree(tmp); - pow(root, sk, modulus, pk); - xkey = mtox(sk); - adjust(secret, xkey); - xkey = mtox(pk); - adjust(public, xkey); - mfree(sk); - mfree(base); - mfree(pk); - mfree(root); - mfree(modulus); -} - -/* - * Adjust the input key so that it is 0-filled on the left - */ -adjust(keyout, keyin) - char keyout[HEXKEYBYTES+1]; - char *keyin; -{ - char *p; - char *s; - - for (p = keyin; *p; p++) - ; - for (s = keyout + HEXKEYBYTES; p >= keyin; p--, s--) { - *s = *p; - } - while (s >= keyout) { - *s-- = '0'; - } -} - -/* - * Set the entry in the public key map - */ -setpublicmap(name, public, secret) - char *name; - char *public; - char *secret; -{ - char pkent[1024]; - u_int rslt; - - (void)sprintf(pkent,"%s:%s", public, secret); - rslt = yp_update(domain, PKMAP, YPOP_STORE, - name, strlen(name), pkent, strlen(pkent)); - return (rslt); -} - -struct passwd * -ypgetpwuid(uid) - int uid; -{ - char uidstr[10]; - char *val; - int vallen; - static struct passwd pw; - char *p; - - (void)sprintf(uidstr, "%d", uid); - if (yp_match(domain, "passwd.byuid", uidstr, strlen(uidstr), - &val, &vallen) != 0) { - return (NULL); - } - p = index(val, ':'); - if (p == NULL) { - return (NULL); - } - pw.pw_passwd = p + 1; - p = index(pw.pw_passwd, ':'); - if (p == NULL) { - return (NULL); - } - *p = 0; - return (&pw); -} diff --git a/lib/librpc/secure_rpc/bin/keylogin.c b/lib/librpc/secure_rpc/bin/keylogin.c deleted file mode 100644 index 0643f07..0000000 --- a/lib/librpc/secure_rpc/bin/keylogin.c +++ /dev/null @@ -1,66 +0,0 @@ -#ifndef lint -static char sccsid[] = "@(#)keylogin.c 2.2 88/08/10 4.0 RPCSRC"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ -/* - * Copyright (c) 1988 by Sun Microsystems, Inc. - */ - -/* - * Set secret key on local machine - */ -#include <stdio.h> -#include <rpc/rpc.h> -#include <rpc/key_prot.h> - -main(argc,argv) - int argc; - char *argv[]; -{ - char fullname[MAXNETNAMELEN + 1]; - char secret[HEXKEYBYTES + 1]; - char *getpass(); - - getnetname(fullname); - if (! getsecretkey(fullname, secret, getpass("Password:"))) { - fprintf(stderr, "Can't find %s's secret key\n", fullname); - exit(1); - } - if (secret[0] == 0) { - fprintf(stderr, "Password incorrect for %s\n", fullname); - exit(1); - } - if (key_setsecret(secret) < 0) { - fprintf(stderr, "Could not set %s's secret key\n", fullname); - fprintf(stderr, "Maybe the keyserver is down?\n"); - exit(1); - } - exit(0); -} diff --git a/lib/librpc/secure_rpc/demo/Makefile b/lib/librpc/secure_rpc/demo/Makefile deleted file mode 100644 index f1e62a7..0000000 --- a/lib/librpc/secure_rpc/demo/Makefile +++ /dev/null @@ -1,28 +0,0 @@ -# -# @(#)Makefile 2.2 88/08/15 4.0 RPCSRC -# -BIN = whoami_svc rme -GEN = whoami_clnt.c whoami_svc.c whoami_xdr.c whoami.h -LIB = -lrpclib -#use this line on SunOS or NFSSRC-based systems. -#LIB = -lrpcsvc -RPCCOM = rpcgen - -all: $(BIN) - -$(GEN): whoami.x - $(RPCCOM) whoami.x - -whoami_svc: whoami_proc.o whoami_svc.o whoami_xdr.o - $(CC) -o $@ whoami_proc.o whoami_svc.o whoami_xdr.o $(LIB) - -rme: rme.o whoami_clnt.o whoami_xdr.o - $(CC) -o $@ rme.o whoami_clnt.o whoami_xdr.o $(LIB) - -rme.o: rme.c whoami.h - -whoami_proc.o: whoami_proc.c whoami.h - -clean cleanup: - rm -f $(GEN) *.o $(BIN) - diff --git a/lib/librpc/secure_rpc/demo/rme.c b/lib/librpc/secure_rpc/demo/rme.c deleted file mode 100644 index 773eafa..0000000 --- a/lib/librpc/secure_rpc/demo/rme.c +++ /dev/null @@ -1,96 +0,0 @@ -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)rme.c 2.3 88/09/09 4.0 RPCSRC"; -#endif -/* - * rme.c: secure identity verifier and reporter: client side - */ -#include <rpc/rpc.h> -#include <stdio.h> -#include "whoami.h" - -/* - * Before running this program, the user must have a key in the publickey - * database, and must have logged in with a password (or used keylogin). - * The user's machine and the server's machine must both be running keyserv. - */ - -main(argc, argv) - int argc; - char *argv[]; -{ - CLIENT *cl; - char *server; - remote_identity *remote_me; - name *servername; - void *nullp; - - if (argc != 2) { - fprintf(stderr, "usage: %s host\n", argv[0]); - exit(1); - } - - /* - * Remember what our command line argument refers to - */ - server = argv[1]; - - /* - * Create client "handle" used for calling WHOAMI on the - * server designated on the command line. We tell the rpc package - * to use the "udp" protocol when contacting the server. - */ - cl = clnt_create(server, WHOAMI, WHOAMI_V1, "udp"); - if (cl == NULL) { - /* - * Couldn't establish connection with server. - * Print error message and die. - */ - clnt_pcreateerror(server); - exit(1); - } - /* - * Get network identifier for server machine. - */ - servername = whoami_whoru_1(nullp, cl); - if (servername == NULL) - { - fprintf(stderr, "Trouble communicating with %s\n", - clnt_sperror(cl, server)); - exit(1); - } - else if (*servername[0] == '\0') - { - fprintf(stderr, "Could not determine netname of WHOAMI server.\n"); - exit(1); - } - printf("Server's netname is: %s\n", *servername); - - /* - * A wide window and no synchronization is used. Client and server - * clock must be with five minutes of each other. - */ - if ((cl->cl_auth = authdes_create(*servername, 300, NULL, NULL)) == NULL) - { - fprintf(stderr, "Could not establish DES credentials of netname %s\n", - servername); - exit(1); - } - - /* - * Find out who I am, in the server's point of view. - */ - remote_me = whoami_iask_1(nullp, cl); - if (remote_me == NULL) - { - fprintf(stderr, "Trouble getting my identity from %s\n", - clnt_sperror(cl, server)); - exit(1); - } - /* - * Print out my identity. - */ - printf("My remote user name: %s\n", remote_me->remote_username); - printf("My remote real name: %s\n", remote_me->remote_realname); - - exit(0); -} diff --git a/lib/librpc/secure_rpc/demo/whoami.x b/lib/librpc/secure_rpc/demo/whoami.x deleted file mode 100644 index 041cd0a..0000000 --- a/lib/librpc/secure_rpc/demo/whoami.x +++ /dev/null @@ -1,33 +0,0 @@ -/* @(#)whoami.x 2.2 88/08/22 4.0 RPCSRC */ - -const WHOAMI_NGROUPS = 16; - -typedef string name<MAXNETNAMELEN>; - -struct remote_identity { - bool authenticated; /* TRUE if the server authenticates us */ - name remote_username; /* login name */ - name remote_realname; /* gcos-field name (long name) */ - int uid; - int gid; - int gids<WHOAMI_NGROUPS>; -}; - -program WHOAMI { - version WHOAMI_V1 { - /* - * Report on the server's notion of the client's identity. - * Will respond to AUTH_DES only. - */ - remote_identity - WHOAMI_IASK(void) = 1; - /* - * Return server's netname. AUTH_NONE is okay. - * This routine allows this server to be started under any uid, - * and the client can ask it its netname for use in authdes_create(). - */ - name - WHOAMI_WHORU(void) = 2; - - } = 1; -} = 80955; diff --git a/lib/librpc/secure_rpc/demo/whoami_proc.c b/lib/librpc/secure_rpc/demo/whoami_proc.c deleted file mode 100644 index 231d322..0000000 --- a/lib/librpc/secure_rpc/demo/whoami_proc.c +++ /dev/null @@ -1,95 +0,0 @@ -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)whoami_proc.c 2.3 89/07/11 4.0 RPCSRC"; -#endif -/* - * whoami_proc.c: secure identity verifier and reporter: server proc - */ -#include <sys/param.h> -#include <rpc/rpc.h> -#include <rpc/key_prot.h> -#include <pwd.h> -#include "whoami.h" - -extern char *strcpy(); - -/* - * Report on the server's notion of the client's identity. - */ -remote_identity * -whoami_iask_1(nullarg, rqstp) - void *nullarg; - struct svc_req *rqstp; -{ -static remote_identity whoisthem; -static char username[MAXNETNAMELEN+1]; -static char realname[MAXNETNAMELEN+1]; /* really gecos field */ -static int grouplist[NGROUPS]; - char publickey[HEXKEYBYTES+1]; - - struct authdes_cred *des_cred; - struct passwd *pwdent; - - switch (rqstp->rq_cred.oa_flavor) - { - case AUTH_DES: - whoisthem.remote_username = username; - whoisthem.remote_realname = realname; - whoisthem.gids.gids_val = grouplist; - des_cred = (struct authdes_cred *) rqstp->rq_clntcred; - /* - * Check to see if the netname being used is in the public key - * database (if not, reject this (potential) imposter). - */ - if (! getpublickey(des_cred->adc_fullname.name, publickey)) - { - svcerr_weakauth(rqstp->rq_xprt); - return(NULL); - } - /* - * Get the info that the client wants. - */ - if (! netname2user(des_cred->adc_fullname.name, &whoisthem.uid, - &whoisthem.gid, &whoisthem.gids.gids_len, - whoisthem.gids.gids_val)) - { /* netname not found */ - whoisthem.authenticated = FALSE; - strcpy(whoisthem.remote_username, "nobody"); - strcpy(whoisthem.remote_realname, "INTERLOPER!"); - whoisthem.uid = -2; - whoisthem.gid = -2; - whoisthem.gids.gids_len = 0; - return(&whoisthem); - } - /* else we found the netname */ - whoisthem.authenticated = TRUE; - pwdent = getpwuid(whoisthem.uid); - strcpy(whoisthem.remote_username, pwdent->pw_name); - strcpy(whoisthem.remote_realname, pwdent->pw_gecos); - return(&whoisthem); - break; - case AUTH_UNIX: - case AUTH_NULL: - default: - svcerr_weakauth(rqstp->rq_xprt); - return(NULL); - } -} - -/* - * Return server's netname. AUTH_NONE is valid. - * This routine allows this server to be started under any uid, - * and the client can ask us our netname for use in authdes_create(). - */ -name * -whoami_whoru_1(nullarg, rqstp) - void *nullarg; - struct svc_req *rqstp; -{ -static name whoru; -static char servername[MAXNETNAMELEN+1]; - - whoru = servername; - getnetname(servername); - - return(&whoru); -} diff --git a/lib/librpc/secure_rpc/des/des.h b/lib/librpc/secure_rpc/des/des.h deleted file mode 100644 index c237f23..0000000 --- a/lib/librpc/secure_rpc/des/des.h +++ /dev/null @@ -1,68 +0,0 @@ -/* @(#)des.h 2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI */ -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ -/* - * Generic DES driver interface - * Keep this file hardware independent! - * Copyright (c) 1986 by Sun Microsystems, Inc. - */ - -#define DES_MAXLEN 65536 /* maximum # of bytes to encrypt */ -#define DES_QUICKLEN 16 /* maximum # of bytes to encrypt quickly */ - -enum desdir { ENCRYPT, DECRYPT }; -enum desmode { CBC, ECB }; - -/* - * parameters to ioctl call - */ -struct desparams { - u_char des_key[8]; /* key (with low bit parity) */ - enum desdir des_dir; /* direction */ - enum desmode des_mode; /* mode */ - u_char des_ivec[8]; /* input vector */ - unsigned des_len; /* number of bytes to crypt */ - union { - u_char UDES_data[DES_QUICKLEN]; - u_char *UDES_buf; - } UDES; -# define des_data UDES.UDES_data /* direct data here if quick */ -# define des_buf UDES.UDES_buf /* otherwise, pointer to data */ -}; - -/* - * Encrypt an arbitrary sized buffer - */ -#define DESIOCBLOCK _IOWR(d, 6, struct desparams) - -/* - * Encrypt of small amount of data, quickly - */ -#define DESIOCQUICK _IOWR(d, 7, struct desparams) - diff --git a/lib/librpc/secure_rpc/des/des_crypt.c b/lib/librpc/secure_rpc/des/des_crypt.c deleted file mode 100644 index 57a9e71..0000000 --- a/lib/librpc/secure_rpc/des/des_crypt.c +++ /dev/null @@ -1,138 +0,0 @@ -#ifndef lint -static char sccsid[] = "@(#)des_crypt.c 2.2 88/08/10 4.0 RPCSRC; from 1.13 88/02/08 SMI"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ -/* - * des_crypt.c, DES encryption library routines - * Copyright (C) 1986, Sun Microsystems, Inc. - */ - -#include <sys/types.h> -#include <des_crypt.h> -#include <sys/des.h> - -/* - * To see if chip is installed - */ -#define UNOPENED (-2) -static int g_desfd = UNOPENED; - - -/* - * Copy 8 bytes - */ -#define COPY8(src, dst) { \ - register char *a = (char *) dst; \ - register char *b = (char *) src; \ - *a++ = *b++; *a++ = *b++; *a++ = *b++; *a++ = *b++; \ - *a++ = *b++; *a++ = *b++; *a++ = *b++; *a++ = *b++; \ -} - -/* - * Copy multiple of 8 bytes - */ -#define DESCOPY(src, dst, len) { \ - register char *a = (char *) dst; \ - register char *b = (char *) src; \ - register int i; \ - for (i = (int) len; i > 0; i -= 8) { \ - *a++ = *b++; *a++ = *b++; *a++ = *b++; *a++ = *b++; \ - *a++ = *b++; *a++ = *b++; *a++ = *b++; *a++ = *b++; \ - } \ -} - -/* - * CBC mode encryption - */ -cbc_crypt(key, buf, len, mode, ivec) - char *key; - char *buf; - unsigned len; - unsigned mode; - char *ivec; -{ - int err; - struct desparams dp; - - dp.des_mode = CBC; - COPY8(ivec, dp.des_ivec); - err = common_crypt(key, buf, len, mode, &dp); - COPY8(dp.des_ivec, ivec); - return(err); -} - - -/* - * ECB mode encryption - */ -ecb_crypt(key, buf, len, mode) - char *key; - char *buf; - unsigned len; - unsigned mode; -{ - struct desparams dp; - - dp.des_mode = ECB; - return(common_crypt(key, buf, len, mode, &dp)); -} - - - -/* - * Common code to cbc_crypt() & ecb_crypt() - */ -static -common_crypt(key, buf, len, mode, desp) - char *key; - char *buf; - register unsigned len; - unsigned mode; - register struct desparams *desp; -{ - register int desdev; - register int res; - - if ((len % 8) != 0 || len > DES_MAXDATA) { - return(DESERR_BADPARAM); - } - desp->des_dir = - ((mode & DES_DIRMASK) == DES_ENCRYPT) ? ENCRYPT : DECRYPT; - - desdev = mode & DES_DEVMASK; - COPY8(key, desp->des_key); - /* - * software - */ - if (!_des_crypt(buf, len, desp)) { - return (DESERR_HWERROR); - } - return(desdev == DES_SW ? DESERR_NONE : DESERR_NOHWDEVICE); -} diff --git a/lib/librpc/secure_rpc/des/des_crypt.h b/lib/librpc/secure_rpc/des/des_crypt.h deleted file mode 100644 index d21d095..0000000 --- a/lib/librpc/secure_rpc/des/des_crypt.h +++ /dev/null @@ -1,101 +0,0 @@ -/* - * @(#)des_crypt.h 2.1 88/08/11 4.0 RPCSRC; from 1.4 88/02/08 (C) 1986 SMI - * - * des_crypt.h, des library routine interface - * Copyright (C) 1986, Sun Microsystems, Inc. - */ -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ -#define DES_MAXDATA 8192 /* max bytes encrypted in one call */ -#define DES_DIRMASK (1 << 0) -#define DES_ENCRYPT (0*DES_DIRMASK) /* Encrypt */ -#define DES_DECRYPT (1*DES_DIRMASK) /* Decrypt */ - - -#define DES_DEVMASK (1 << 1) -#define DES_HW (0*DES_DEVMASK) /* Use hardware device */ -#define DES_SW (1*DES_DEVMASK) /* Use software device */ - - -#define DESERR_NONE 0 /* succeeded */ -#define DESERR_NOHWDEVICE 1 /* succeeded, but hw device not available */ -#define DESERR_HWERROR 2 /* failed, hardware/driver error */ -#define DESERR_BADPARAM 3 /* failed, bad parameter to call */ - -#define DES_FAILED(err) \ - ((err) > DESERR_NOHWDEVICE) - -/* - * cbc_crypt() - * ecb_crypt() - * - * Encrypt (or decrypt) len bytes of a buffer buf. - * The length must be a multiple of eight. - * The key should have odd parity in the low bit of each byte. - * ivec is the input vector, and is updated to the new one (cbc only). - * The mode is created by oring together the appropriate parameters. - * DESERR_NOHWDEVICE is returned if DES_HW was specified but - * there was no hardware to do it on (the data will still be - * encrypted though, in software). - */ - - -/* - * Cipher Block Chaining mode - */ -cbc_crypt(/* key, buf, len, mode, ivec */); /* - char *key; - char *buf; - unsigned len; - unsigned mode; - char *ivec; -*/ - - -/* - * Electronic Code Book mode - */ -ecb_crypt(/* key, buf, len, mode */); /* - char *key; - char *buf; - unsigned len; - unsigned mode; -*/ - - -#ifndef KERNEL -/* - * Set des parity for a key. - * DES parity is odd and in the low bit of each byte - */ -void -des_setparity(/* key */); /* - char *key; -*/ -#endif diff --git a/lib/librpc/secure_rpc/des/des_soft.c b/lib/librpc/secure_rpc/des/des_soft.c deleted file mode 100644 index 01dd7f2..0000000 --- a/lib/librpc/secure_rpc/des/des_soft.c +++ /dev/null @@ -1,67 +0,0 @@ -#if !defined(lint) && defined(SCCSIDS) -static char sccsid[] = "@(#)des_soft.c 2.2 88/08/10 4.0 RPCSRC; from 1.13 88/02/08 SMI"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ -/* - * Table giving odd parity in the low bit for ASCII characters - */ -static char partab[128] = { - 0x01, 0x01, 0x02, 0x02, 0x04, 0x04, 0x07, 0x07, - 0x08, 0x08, 0x0b, 0x0b, 0x0d, 0x0d, 0x0e, 0x0e, - 0x10, 0x10, 0x13, 0x13, 0x15, 0x15, 0x16, 0x16, - 0x19, 0x19, 0x1a, 0x1a, 0x1c, 0x1c, 0x1f, 0x1f, - 0x20, 0x20, 0x23, 0x23, 0x25, 0x25, 0x26, 0x26, - 0x29, 0x29, 0x2a, 0x2a, 0x2c, 0x2c, 0x2f, 0x2f, - 0x31, 0x31, 0x32, 0x32, 0x34, 0x34, 0x37, 0x37, - 0x38, 0x38, 0x3b, 0x3b, 0x3d, 0x3d, 0x3e, 0x3e, - 0x40, 0x40, 0x43, 0x43, 0x45, 0x45, 0x46, 0x46, - 0x49, 0x49, 0x4a, 0x4a, 0x4c, 0x4c, 0x4f, 0x4f, - 0x51, 0x51, 0x52, 0x52, 0x54, 0x54, 0x57, 0x57, - 0x58, 0x58, 0x5b, 0x5b, 0x5d, 0x5d, 0x5e, 0x5e, - 0x61, 0x61, 0x62, 0x62, 0x64, 0x64, 0x67, 0x67, - 0x68, 0x68, 0x6b, 0x6b, 0x6d, 0x6d, 0x6e, 0x6e, - 0x70, 0x70, 0x73, 0x73, 0x75, 0x75, 0x76, 0x76, - 0x79, 0x79, 0x7a, 0x7a, 0x7c, 0x7c, 0x7f, 0x7f, -}; - -/* - * Add odd parity to low bit of 8 byte key - */ -void -des_setparity(p) - char *p; -{ - int i; - - for (i = 0; i < 8; i++) { - *p = partab[*p & 0x7f]; - p++; - } -} diff --git a/lib/librpc/secure_rpc/doc/Makefile b/lib/librpc/secure_rpc/doc/Makefile deleted file mode 100644 index 3cfbe9e..0000000 --- a/lib/librpc/secure_rpc/doc/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# -# @(#)Makefile 2.1 88/08/10 4.0 RPCSRC -# -# -TROFF= ditroff -TOPTS= -t -NROFF= nroff -NOPTS= -PIC= pic -TBL= tbl -EQN= eqn - -SRC= nfs.secure.ms - -all default: all.nroff - -install: all.nroff - @echo "Nothing installed." - -all.nroff: ${SRC} - ${TBL} ${SRC} | ${EQN} | ${NROFF} ${NOPTS} -ms >all.nroff - -all.troff: ${SRC} - ${TBL} ${SRC} | ${PIC} | ${EQN} | ${TROFF} ${TOPTS} -ms >all.troff - -# - -nfs.secure.nroff: nfs.secure.ms - ${TBL} nfs.secure.ms | ${EQN} | ${NROFF} ${NOPTS} -ms >nfs.secure.nroff - -nfs.secure.troff: nfs.secure.ms - ${TBL} nfs.secure.ms|${PIC}|${EQN}| ${TROFF} ${TOPTS} -ms >nfs.secure.troff - -clean: - rm -f *.nroff *.troff - -spell: ${SRC} - @for i in ${SRC}; do \ - echo $$i; spell $$i | sort | comm -23 - spell.ok > $$i.spell; \ - done diff --git a/lib/librpc/secure_rpc/doc/nfs.secure.ms b/lib/librpc/secure_rpc/doc/nfs.secure.ms deleted file mode 100644 index 2476790..0000000 --- a/lib/librpc/secure_rpc/doc/nfs.secure.ms +++ /dev/null @@ -1,934 +0,0 @@ -.\" Must use -- pic tbl eqn -- with this one. -.\" -.\" @(#)nfs.secure.ms 2.2 88/08/09 4.0 RPCSRC -.de BT -.if \\n%=1 .tl ''- % -'' -.. -.ND -.\" prevent excess underlining in nroff -.if n .fp 2 R -.OH 'Secure Networking''Page %' -.EH 'Page %''Secure Networking' -.if \\n%=1 .bp -.EQ -delim $$ -gsize 11 -.EN -.SH -\&Secure Networking -.nr OF 1 -.IX "security" "of networks" "" "" PAGE START -.IX "network security" "" "" "" PAGE START -.IX "NFS security" "" "" "" PAGE START -.LP -RPCSRC 4.0 includes an authentication system -that greatly improves the security of network environments. -The system is general enough to be used by other -.UX -and non-UNIX systems. -The system uses DES encryption and public key cryptography -to authenticate both users and machines in the network. -(DES stands for Data Encryption Standard.) -.LP -Public key cryptography is a cipher system that involves two keys: -one public and the other private. -The public key is published, while the private key is not; -the private (or secret) key is used to encrypt and decrypt data. -Sun's system differs from some other public key cryptography systems -in that the public and secret keys are used to generate a common key, -which is used in turn to create a DES key. -DES is relatively fast, -and on Sun Workstations, -optional hardware is available to make it even faster. -.# -.NH 0 -\&Administering Secure RPC -.IX "administering secure RPC" -.IX "security" "RPC administration" -.LP -This section describes what the system administrator must do -in order to use secure networking. -.IP 1 -RPCSRC now includes the -.I /etc/publickey -.IX "etc/publickey" "" "\&\fI/etc/publickey\fP" -database, which should contain three fields for each user: -the user's netname, a public key, and an encrypted secret key. -The corresponding Yellow Pages map is available to YP clients as -.I publickey.byname -but the database should reside only on the YP master. Make sure -.I /etc/netid -exists on the YP master server. -As normally installed, the only user is -.I nobody . -This is convenient administratively, -because users can establish their own public keys using -.I chkey (1) -.IX "chkey command" "" "\&\fIchkey\fP command" -without administrator intervention. -For even greater security, -the administrator can establish public keys for everyone using -.I newkey (8). -.IX "newkey command" "" "\&\fInewkey\fP command" -Note that the Yellow Pages take time to propagate a new map, -so it's a good idea for users to run -.I chkey , -or for the administrator to run -.I newkey , -just before going home for the night. -.IP 2 -Verify that the -.I keyserv (8c) -.IX "keyserv daemon" "" "\&\fIkeyserv\fP daemon" -daemon was started by -.I /etc/rc.local -and is still running. -This daemon performs public key encryption -and stores the private key (encrypted, of course) in -.I /etc/keystore : -.DS -% \fBps aux | grep keyserv\fP -root 1354 0.0 4.1 128 296 p0 I Oct 15 0:13 keyserv -.DE -When users log in with -.I login -.IX "login command" "" "\&\fIlogin\fP command" -or remote log in with -.I rlogin , -these programs use the typed password to decrypt the secret key stored in -.I /etc/publickey . -This becomes the private key, and gets passed to the -.I keyserv -daemon. -If users don't type a password for -.I login -or -.I rlogin , -either because their password field is empty -or because their machine is in the -.I hosts\fR.\fPequiv -.IX "etc/hosts.equiv" "" "\&\fI/etc/hosts.equiv\fP" -file of the remote host, -they can still place a private key in -.I /etc/keystore -by invoking the -.I keylogin (1) -.IX "keylogin command" "" "\&\fIkeylogin\fP command" -program. -Administrators should take care not to delete -.I /etc/keystore -and -.I /etc/.rootkey -(the latter file contains the private key for -.I root ). -.IP 3 -When you reinstall, move, or upgrade a machine, save -.I /etc/keystore -and -.I /etc/.rootkey -along with everything else you normally save. -.LP -.LP -Note that if you -.I login , -.I rlogin , -or -.I telnet -to another machine, are asked for your password, and type it correctly, -you've given away access to your own account. -This is because your secret key is now stored in -.I /etc/keystore -on that remote machine. -This is only a concern if you don't trust the remote machine. -If this is the case, -don't ever log in to a remote machine if it asks for your password. -Instead, use NFS to remote mount the files you're looking for. -At this point there is no -.I keylogout -command, even though there should be. -.LP -The remainder of this chapter discusses the theory of secure networking, -and is useful as a background for both users and administrators. -.# -.NH 1 -\&Security Shortcomings of NFS -.IX "security" "shortcomings of NFS" -.LP -Sun's Remote Procedure Call (RPC) mechanism has proved to be a very -powerful primitive for building network services. -The most well-known of these services is the Network File System (NFS), -a service that provides transparent file-sharing -between heterogeneous machine architectures and operating systems. -The NFS is not without its shortcomings, however. -Currently, an NFS server authenticates a file request by authenticating the -machine making the request, but not the user. -On NFS-based filesystems, it is a simple matter of running -.I su -.IX "su command" "" "\&\fIsu\fP command" -to impersonate the rightful owner of a file. -But the security weaknesses of the NFS are nothing new. -The familiar command -.I rlogin -is subject to exactly the same attacks as the NFS -because it uses the same kind of authentication. -.LP -A common solution to network security problems -is to leave the solution to each application. -A far better solution is to put authentication at the RPC level. -The result is a standard authentication system -that covers all RPC-based applications, -such as the NFS and the Yellow Pages (a name-lookup service). -Our system allows the authentication of users as well as machines. -The advantage of this is that it makes a network environment -more like the older time-sharing environment. -Users can log in on any machine, -just as they could log in on any terminal. -Their login password is their passport to network security. -No knowledge of the underlying authentication system is required. -Our goal was a system that is as secure and easy to use -as a time-sharing system. -.LP -Several remarks are in order. Given -.I root -access and a good knowledge of network programming, -anyone is capable of injecting arbitrary data into the network, -and picking up any data from the network. -However, on a local area network, no machine is capable of packet smashing \(en -capturing packets before they reach their destination, changing the contents, -then sending packets back on their original course \(en -because packets reach all machines, including the server, at the same time. -Packet smashing is possible on a gateway, though, -so make sure you trust all gateways on the network. -The most dangerous attacks are those involving the injection of data, -such as impersonating a user by generating the right packets, -or recording conversations and replaying them later. -These attacks affect data integrity. -Attacks involving passive eavesdropping \(en -merely listening to network traffic without impersonating anybody \(en -are not as dangerous, since data integrity had not been compromised. -Users can protect the privacy of sensitive information -by encrypting data that goes over the network. -It's not easy to make sense of network traffic, anyway. -.# -.NH 1 -\&RPC Authentication -.IX "RPC authentication" -.IX "authentication" "RPC" -.LP -RPC is at the core of the new network security system. -To understand the big picture, -it's necessary to understand how authentication works in RPC. -RPC's authentication is open-ended: -a variety of authentication systems may be plugged into it -and may coexist on the network. -Currently, we have two: UNIX and DES. -UNIX authentication is the older, weaker system; -DES authentication is the new system discussed in this chapter. -Two terms are important for any RPC authentication system: -.I credentials -and -.I verifiers . -Using ID badges as an example, the credential is what identifies a person: -a name, address, birth date, etc. -The verifier is the photo attached to the badge: -you can be sure the badge has not been stolen by checking the photo -on the badge against the person carrying it. -In RPC, things are similar. -The client process sends both a credential and a verifier -to the server with each RPC request. -The server sends back only a verifier, -since the client already knows the server's credentials. -.# -.NH 2 -\&UNIX Authentication -.IX "UNIX authentication" -.IX "authentication" "UNIX" -.LP -UNIX authentication was used by most of Sun's original network services. -The credentials contain the client's machine-name, -.I uid , -.I gid , -and group-access-list. -The verifier contains \fBnothing\fP! -There are two problems with this system. -The glaring problem is the empty verifier, -which makes it easy to cook up the right credential using -.I hostname -.IX "hostname command" "" "\&\fIhostname\fP command" -and -.I su . -.IX "su command" "" "\&\fIsu\fP command" -If you trust all root users in the network, this is not really a problem. -But many networks \(en especially at universities \(en are not this secure. -The NFS tries to combat deficiencies in UNIX authentication -by checking the source Internet address of -.I mount -requests as a verifier of the -.I hostname -field, and accepting requests only from privileged Internet ports. -Still, it is not difficult to circumvent these measures, -and NFS really has no way to verify the user-ID. -.LP -The other problem with UNIX authentication appears in the name UNIX. -It is unrealistic to assume that all machines on a network -will be UNIX machines. -The NFS works with MS-DOS and VMS machines, -but UNIX authentication breaks down when applied to them. -For instance, MS-DOS doesn't even have a notion of different user IDs. -.LP -Given these shortcomings, -it is clear what is needed in a new authentication system: -operating system independent credentials, and secure verifiers. -This is the essence of DES authentication discussed below. -.# -.NH 2 -\&DES Authentication -.IX "DES authentication" -.IX "authentication" "DES" -.LP -The security of DES authentication is based on -a sender's ability to encrypt the current time, -which the receiver can then decrypt and check against its own clock. -The timestamp is encrypted with DES. -Two things are necessary for this scheme to work: -1) the two agents must agree on what the current time is, and -2) the sender and receiver must be using the same encryption key. -.LP -If a network has time synchronization (Berkeley's TEMPO for example), -then client/server time synchronization is performed automatically. -However, if this is not available, -timestamps can be computed using the server's time instead of network time. -In order to do this, the client asks the server what time it is, -before starting the RPC session, -then computes the time difference between its own clock and the server's. -This difference is used to offset the client's clock when computing timestamps. -If the client and server clocks get out of sync -to the point where the server begins rejecting the client's requests, -the DES authentication system just resynchronizes with the server. -.LP -Here's how the client and server arrive at the same encryption key. -When a client wishes to talk to a server, it generates at random -a key to be used for encrypting the timestamps (among other things). -This key is known as the -.I "conversation key, CK." -The client encrypts the conversation key using a public key scheme, -and sends it to the server in its first transaction. -This key is the only thing that is ever encrypted with public key cryptography. -The particular scheme used is described further on in this chapter. -For now, suffice to say that for any two agents A and B, -there is a DES key $K sub AB$ that only A and B can deduce. -This key is known as the -.I "common key," -$K sub AB$. -.EQ -gsize 10 -.EN -.ne 1i -.PS -.in +.7i -circlerad=.4 -boxht=.2 -boxwid=1.3 -circle "\s+9A\s-9" "(client)" at 0,1.2 -circle "\s+9B\s-9" "(server)" at 5.1,1.2 -line invis at .5,2 ; box invis "\fBCredential\fP"; line invis; - box invis "\fBVerifier\fP" -arrow at .5,1.7; box "$A, K sub AB (CK), CK(win)$"; arrow; - box "$CK(t sub 1 ), CK(win + 1)$"; arrow -arrow <- at .5,1.4; line right 1.3; line; - box "$CK(t sub 1 - 1), ID$"; arrow <- -arrow at .5,1; box "ID"; arrow; - box "$CK(t sub 2 )$"; arrow -arrow <- at .5,.7; line right 1.3; line; - box "$CK(t sub 2 - 1), ID$"; arrow <- -arrow at .5,.3; box "ID"; arrow; - box "$CK(t sub n )$"; arrow -arrow <- at .5,0; line right 1.3; line; - box "$CK(t sub n - 1), ID$"; arrow <- -.PE -.EQ -gsize 11 -.EN -.in -.7i -.LP -The figure above illustrates the authentication protocol in more detail, -describing client A talking to server B. -A term of the form $K(x)$ means $x$ encrypted with the DES key $K$. -Examining the figure, you can see that for its first request, -the client's credential contains three things: -its name $A$, the conversation key $CK$ encrypted with the common key -$K sub AB$, and a thing called $win$ (window) encrypted with $CK$. -What the window says to the server, in effect, is this: -.LP -.I -I will be sending you many credentials in the future, -but there may be crackers sending them too, -trying to impersonate me with bogus timestamps. -When you receive a timestamp, check to see if your current time -is somewhere between the timestamp and the timestamp plus the window. -If it's not, please reject the credential. -.LP -For secure NFS filesystems, the window currently defaults to 30 minutes. -The client's verifier in the first request contains the encrypted timestamp -and an encrypted verifier of the specified window, $win + 1$. -The reason this exists is the following. -Suppose somebody wanted to impersonate A by writing a program -that instead of filling in the encrypted fields of the credential and verifier, -just stuffs in random bits. -The server will decrypt CK into some random DES key, -and use it to decrypt the window and the timestamp. -These will just end up as random numbers. -After a few thousand trials, there is a good chance -that the random window/timestamp pair will pass the authentication system. -The window verifier makes guessing the right credential much more difficult. -.LP -After authenticating the client, -the server stores four things into a credential table: -the client's name A, the conversation key $CK$, the window, and the timestamp. -The reason the server stores the first three things should be clear: -it needs them for future use. -The reason for storing the timestamp is to protect against replays. -The server will only accept timestamps -that are chronologically greater than the last one seen, -so any replayed transactions are guaranteed to be rejected. -The server returns to the client in its verifier an index ID -into its credential table, plus the client's timestamp minus one, -encrypted by $CK$. -The client knows that only the server could have sent such a verifier, -since only the server knows what timestamp the client sent. -The reason for subtracting one from it is to insure that it is invalid -and cannot be reused as a client verifier. -.LP -The first transaction is rather complicated, -but after this things go very smoothly. -The client just sends its ID and an encrypted timestamp to the server, -and the server sends back the client's timestamp minus one, -encrypted by $CK$. -.# -.NH 1 -\&Public Key Encryption -.IX "public key encryption" -.LP -The particular public key encryption scheme Sun uses -is the Diffie-Hellman method. -The way this algorithm works is to generate a -.I "secret key" -$SK sub A$ at random -and compute a -.I "public key" -$PK sub A$ using the following formula -($PK$ and $SK$ are 192 bit numbers and \(*a is a well-known constant): -.EQ -PK sub A ~ = ~ alpha sup {SK sub A} -.EN -Public key $PK sub A$ is stored in a public directory, -but secret key $SK sub A$ is kept private. -Next, $PK sub B$ is generated from $SK sub B$ in the same manner as above. -Now common key $K sub AB$ can be derived as follows: -.EQ -K sub AB ~ = ~ PK sub B sup {SK sub A} ~ = ~ -( alpha sup {SK sub B} ) sup {SK sub A} ~ = ~ -alpha sup {( SK sub A SK sub B )} -.EN -Without knowing the client's secret key, -the server can calculate the same common key $K sub AB$ -in a different way, as follows: -.EQ -K sub AB ~ = ~ PK sub A sup {SK sub B} ~ = ~ -( alpha sup {SK sub A} ) sup {SK sub B} ~ = ~ -alpha sup {( SK sub A SK sub B )} -.EN -Notice that nobody else but the server and client can calculate $K sub AB$, -since doing so requires knowing either one secret key or the other. -All of this arithmetic is actually computed modulo $M$, -which is another well-known constant. -It would seem at first that somebody could guess your secret key -by taking the logarithm of your public one, -but $M$ is so large that this is a computationally infeasible task. -To be secure, $K sub AB$ has too many bits to be used as a DES key, -so 56 bits are extracted from it to form the DES key. -.LP -Both the public and the secret keys -are stored indexed by netname in the Yellow Pages map -.I publickey.byname -the secret key is DES-encrypted with your login password. -When you log in to a machine, the -.I login -program grabs your encrypted secret key, -decrypts it with your login password, -and gives it to a secure local keyserver to save -for use in future RPC transactions. -Note that ordinary users do not have to be aware of -their public and secret keys. -In addition to changing your login password, the -.I yppasswd -.IX "yppasswd command" "" "\&\fIyppasswd\fP command" -program randomly generates a new public/secret key pair as well. -.LP -The keyserver -.I keyserv (8c) -.IX "keyserv daemon" "" "\&\fIkeyserv\fP daemon" -is an RPC service local to each machine -that performs all of the public key operations, -of which there are only three. They are: -.DS -setsecretkey(secretkey) -encryptsessionkey(servername, des_key) -decryptsessionkey(clientname, des_key) -.DE -.I setsecretkey() -tells the keyserver to store away your secret key $SK sub A$ for future use; -it is normally called by -.I login . -The client program calls -.I encryptsessionkey() -to generate the encrypted conversation key -that is passed in the first RPC transaction to a server. -The keyserver looks up -.I servername 's -public key and combines it with the client's secret key (set up by a previous -.I setsecretkey() -call) to generate the key that encrypts -.I des_key . -The server asks the keyserver to decrypt the conversation key by calling -.I decryptsessionkey(). -Note that implicit in these procedures is the name of caller, -who must be authenticated in some manner. -The keyserver cannot use DES authentication to do this, -since it would create deadlock. -The keyserver solves this problem by storing the secret keys by -.I uid , -and only granting requests to local root processes. -The client process then executes a -.I setuid -process, owned by root, which makes the request on the part of the client, -telling the keyserver the real -.I uid -of the client. Ideally, the three operations described above -would be system calls, and the kernel would talk to the keyserver directly, -instead of executing the -.I setuid -program. -.# -.NH 1 -\&Naming of Network Entities -.IX "naming of network entities" -.IX "network naming" -.LP -The old UNIX authentication system has a few problems when it comes to naming. -Recall that with UNIX authentication, -the name of a network entity is basically the -.I uid . -These -.I uid s -are assigned per Yellow Pages naming domain, -which typically spans several machines. -We have already stated one problem with this system, -that it is too UNIX system oriented, -but there are two other problems as well. -One is the problem of -.I uid -clashes when domains are linked together. -The other problem is that the super-user (with -.I uid -of 0) should not be assigned on a per-domain basis, -but rather on a per-machine basis. -By default, the NFS deals with this latter problem in a severe manner: -it does not allow root access across the network by -.I uid -0 at all. -.LP -DES authentication corrects these problems -by basing naming upon new names that we call -.I netnames. -Simply put, a netname is just a string of printable characters, -and fundamentally, it is really these netnames that we authenticate. -The public and secret keys are stored on a per-netname, -rather than per-username, basis. -The Yellow Pages map -.I netid.byname -maps the netname into a local -.I uid -and group-access-list, -though non-Sun environments may map the netname into something else. -.LP -We solve the Internet naming problem by choosing globally unique netnames. -This is far easier then choosing globally unique user IDs. -In the Sun environment, user names are unique within each Yellow Page domain. -Netnames are assigned by concatenating the operating system and user ID -with the Yellow Pages and ARPA domain names. -For example, a UNIX system user with a user ID of 508 in the domain -.I eng.sun.COM -would be assigned the following netname: -.I unix.508@eng.sun.COM . -A good convention for naming domains is to append -the ARPA domain name (COM, EDU, GOV, MIL) to the local domain name. -Thus, the Yellow Pages domain -.I eng -within the ARPA domain -.I sun.COM -becomes -.I eng.sun.COM . -.LP -We solve the problem of multiple super-users per domain -by assigning netnames to machines as well as to users. -A machine's netname is formed much like a user's. -For example, a UNIX machine named -.I hal -in the same domain as before has the netname -.I unix.hal@eng.sun.COM . -Proper authentication of machines is very important for diskless machines -that need full access to their home directories over the net. -.LP -Non-Sun environments will have other ways of generating netnames, -but this does not preclude them from accessing -the secure network services of the Sun environment. -To authenticate users from any remote domain, -all that has to be done is make entries for them in two Yellow Pages databases. -One is an entry for their public and secret keys, -the other is for their local -.I uid -and group-access-list mapping. -Upon doing this, users in the remote domain -will be able access all of the local network services, -such as the NFS and remote logins. -.# -.NH 1 -\&Applications of DES Authentication -.IX "applications of DES authentication" -.IX "authentication" "DES" -.LP -The first application of DES authentication -is a generalized Yellow Pages update service. -This service allows users to update private fields in Yellow Page databases. -So far the Yellow Pages maps -.I hosts, -.I ethers, -.I bootparams -and -.I publickey -employ the DES-based update service. -Before the advent of an update service for mail aliases, -Sun had to hire a full-time person just to update mail aliases. -.LP -The second application of DES authentication is the most important: -a more secure Network File System. -There are three security problems with the -old NFS using UNIX authentication. -The first is that verification of credentials occurs only at mount time -when the client gets from the server a piece of information -that is its key to all further requests: the -.I "file handle" . -Security can be broken if one can figure out a file handle -without contacting the server, perhaps by tapping into the net or by guessing. -After an NFS file system has been mounted, -there is no checking of credentials during file requests, -which brings up the second problem. -If a file system has been mounted from a server that serves multiple clients -(as is typically the case), there is no protection -against someone who has root permission on their machine using -.I su -(or some other means of changing -.I uid ) -gaining unauthorized access to other people's files. -The third problem with the NFS is the severe method it uses to circumvent -the problem of not being able to authenticate remote client super-users: -denying them super-user access altogether. -.LP -The new authentication system corrects all of these problems. -Guessing file handles is no longer a problem since in order to gain -unauthorized access, the miscreant will also have to guess the right -encrypted timestamp to place in the credential, -which is a virtually impossible task. -The problem of authenticating root users is solved, -since the new system can authenticate machines. -At this point, however, -secure NFS is not used for root filesystems. -Root users of nonsecure filesystems are identified by IP address. -.LP -Actually, the level of security associated with each filesystem -may be altered by the administrator. The file -.I /etc/exports -.IX "etc/exports" "" "\&\fI/etc/exports\fP" -contains a list of filesystems and which machines may mount them. -By default, filesystems are exported with UNIX authentication, -but the administrator can have them exported with DES authentication -by specifying -.I -secure -on any line in the -.I /etc/exports -file. Associated with DES authentication is a parameter: -the maximum window size that the server is willing to accept. -.# -.NH 1 -\&Security Issues Remaining -.IX "security" "issues remaining" -.IX "remaining security issues" -.LP -There are several ways to break DES authentication, but using -.I su -is not one of them. In order to be authenticated, -your secret key must be stored by your workstation. -This usually occurs when you login, with the -.I login -program decrypting your secret key with your login password, -and storing it away for you. -If somebody tries to use -.I su -to impersonate you, it won't work, -because they won't be able to decrypt your secret key. Editing -.I /etc/passwd -isn't going to help them either, because the thing they need to edit, -your encrypted secret key, is stored in the Yellow Pages. -If you log into somebody else's workstation and type in your password, -then your secret key would be stored in their workstation and they could use -.I su -to impersonate you. But this is not a problem since you should not -be giving away your password to a machine you don't trust anyway. -Someone on that machine could just as easily change -.I login -to save all the passwords it sees into a file. -.LP -Not having -.I su -to employ any more, how can nefarious users impersonate others now? -Probably the easiest way is to guess somebody's password, -since most people don't choose very secure passwords. -We offer no protection against this; -it's up to each user to choose a secure password. -.LP -The next best attack would be to attempt replays. -For example, let's say I have been squirreling away -all of your NFS transactions with a particular server. -As long as the server remains up, -I won't succeed by replaying them since the server always demands timestamps -that are greater than the previous ones seen. -But suppose I go and pull the plug on your server, causing it to crash. -As it reboots, its credential table will be clean, -so it has lost all track of previously seen timestamps, -and now I am free to replay your transactions. -There are few things to be said about this. -First of all, servers should be kept in a secure place -so that no one can go and pull the plug on them. -But even if they are physically secure, -servers occasionally crash without any help. -Replaying transactions is not a very big security problem, -but even so, there is protection against it. -If a client specifies a window size that is smaller than the time it takes -a server to reboot (5 to 10 minutes), the server will reject -any replayed transactions because they will have expired. -.LP -There are other ways to break DES authentication, -but they are much more difficult. -These methods involve breaking the DES key itself, -or computing the logarithm of the public key, -both of which would would take months of compute time on a supercomputer. -But it is important to keep our goals in mind. -Sun did not aim for super-secure network computing. -What we wanted was something as secure as a good time-sharing system, -and in that we have been successful. -.LP -There is another security issue that DES authentication does not address, -and that is tapping of the net. -Even with DES authentication in place, -there is no protection against somebody watching what goes across the net. -This is not a big problem for most things, -such as the NFS, since very few files are not publically readable, and besides, -trying to make sense of all the bits flying over the net is not a trivial task. -For logins, this is a bit of a problem because you wouldn't -want somebody to pick up your password over the net. -As we mentioned before, -a side effect of the authentication system is a key exchange, -so that the network tapping problem can be tackled on a per-application basis. -.# -.NH 1 -\&Performance -.IX "performance of DES authentication" -.IX "authentication" "performance" -.LP -Public key systems are known to be slow, -but there is not much actual public key encryption going on in Sun's system. -Public key encryption only occurs in the first transaction with a service, -and even then, there is caching that speeds things up considerably. -The first time a client program contacts a server, -both it and the server will have to calculate the common key. -The time it takes to compute the common key is basically the time it takes -to compute an exponential modulo $M$. -On a Sun-3 using a 192-bit modulus, this takes roughly 1 second, -which means it takes 2 seconds just to get things started, -since both client and server have to perform this operation. -This is a long time, -but you have to wait only the first time you contact a machine. -Since the keyserver caches the results of previous computations, -it does not have to recompute the exponential every time. -.LP -The most important service in terms of performance is the secure NFS, -which is acceptably fast. -The extra overhead that DES authentication requires versus UNIX authentication -is the encryption. -A timestamp is a 64-bit quantity, -which also happens to be the DES block size. -Four encryption operations take place in an average RPC transaction: -the client encrypts the request timestamp, the server decrypts it, -the server encrypts the reply timestamp, and the client decrypts it. -On a Sun-3, the time it takes to encrypt one block is about -half a millisecond if performed by hardware, -and 1.2 milliseconds if performed by software. -So, the extra time added to the round trip time is about -2 milliseconds for hardware encryption and 5 for software. -The round trip time for the average NFS request is about 20 milliseconds, -resulting in a performance hit of 10 percent if one has encryption hardware, -and 25 percent if not. -Remember that this is the impact on network performance. -The fact is that not all file operations go over the wire, -so the impact on total system performance will actually be lower than this. -It is also important to remember that security is optional, -so environments that require higher performance can turn it off. -.# -.NH 1 -\&Problems with Booting and \&\fBsetuid\fP Programs -.IX "problems with booting and \&\fIsetuid\fP programs" -.IX "booting and \&\fIsetuid\fP problems" -.LP -Consider the problem of a machine rebooting, -say after a power failure at some strange hour when nobody is around. -All of the secret keys that were stored get wiped out, -and now no process will be able to access secure network services, -such as mounting an NFS filesystem. -The important processes at this time are usually root processes, -so things would work OK if root's secret key were stored away, -but nobody is around to type the password that decrypts it. -The solution to this problem is to store root's decrypted secret key in a file, -which the keyserver can read. -This works well for diskful machines that can store the secret key -on a physically secure local disk, -but not so well for diskless machines, -whose secret key must be stored across the network. -If you tap the net when a diskless machine is booting, -you will find the decrypted key. -This is not very easy to accomplish, though. -.LP -Another booting problem is the single-user boot. -There is a mode of booting known as single-user mode, where a -.I root -login shell appears on the console. -The problem here is that a password is not required for this. -With C2 security installed, -a password is required in order to boot single-user. -Without C2 security installed, -machines can still be booted single-user without a password, -as long as the entry for -.I console -in the -.I /etc/ttytab -.IX "etc/ttytab" "" "\&\fI/etc/ttytab\fP" -file is labeled as physically -.I secure -(this is the default). -.LP -Yet another problem is that diskless machine booting is not totally secure. -It is possible for somebody to impersonate the boot-server, -and boot a devious kernel that, for example, -makes a record of your secret key on a remote machine. -The problem is that our system is set up to provide protection -only after the kernel and the keyserver are running. -Before that, there is no way to authenticate -the replies given by the boot server. -We don't consider this a serious problem, -because it is highly unlikely that somebody would be able to write -this funny kernel without source code. -Also, the crime is not without evidence. -If you polled the net for boot-servers, -you would discover the devious boot-server's location. -.LP -Not all -.I setuid -programs will behave as they should. -For example, if a -.I setuid -program is owned by -.I dave , -who has not logged into the machine since it booted, -then the program will not be able to access any secure network services as -.I dave . -The good news is that most -.I setuid -programs are owned by root, -and since root's secret key is always stored at boot time, -these programs will behave as they always have. -.# -.NH 1 -\&Conclusion -.IX "network security" "summary" -.LP -Our goal was to build a system as secure as a time-shared system. -This goal has been met. -The way you are authenticated in a time-sharing system -is by knowing your password. -With DES authentication, the same is true. -In time-sharing the person you trust is your system administrator, -who has an ethical obligation -not to change your password in order to impersonate you. -In Sun's system, you trust your network administrator, -who does not alter your entry in the public key database. -In one sense, our system is even more secure than time-sharing, -because it is useless to place a tap on the network -in hopes of catching a password or encryption key, -since these are encrypted. -Most time-sharing environments do not encrypt data emanating from the terminal; -users must trust that nobody is tapping their terminal lines. -.LP -DES authentication is perhaps not the ultimate authentication system. -In the future it is likely there will be sufficient advances -in algorithms and hardware to render the public key system -as we have defined it useless. -But at least DES authentication offers a smooth migration path for the future. -Syntactically speaking, -nothing in the protocol requires the encryption of the conversation -key to be Diffie-Hellman, or even public key encryption in general. -To make the authentication stronger in the future, -all that needs to be done is to strengthen the way -the conversation key is encrypted. -Semantically, this will be a different protocol, -but the beauty of RPC is that it can be plugged in -and live peacefully with any authentication system. -.LP -For the present at least, DES authentication satisfies our requirements -for a secure networking environment. -From it we built a system secure enough for use in unfriendly networks, -such as a student-run university workstation environment. -The price for this security is not high. -Nobody has to carry around a magnetic card or remember -any hundred digit numbers. -You use your login password to authenticate yourself, just as before. -There is a small impact on performance, -but if this worries you and you have a friendly net, -you can turn authentication off. -.# -.NH 1 -\&References -.IX "references on network security" -.LP -Diffie and Hellman, ``New Directions in Cryptography,'' -\fIIEEE Transactions on Information Theory IT-22,\fP -November 1976. -.LP -Gusella & Zatti, ``TEMPO: A Network Time Controller -for a Distributed Berkeley UNIX System,'' -\fIUSENIX 1984 Summer Conference Proceedings,\fP -June 1984. -.LP -National Bureau of Standards, ``Data Encryption Standard,'' -\fIFederal Information Processing Standards Publication 46,\fP -January 15, 1977. -.LP -Needham & Schroeder, ``Using Encryption for Authentication -in Large Networks of Computers,'' -\fIXerox Corporation CSL-78-4,\fP -September 1978. -.EQ -delim off -.EN -.IX "security" "of networks" "" "" PAGE END -.IX "network security" "" "" "" PAGE END -.IX "NFS security" "" "" "" PAGE END diff --git a/lib/librpc/secure_rpc/keyserv/Makefile b/lib/librpc/secure_rpc/keyserv/Makefile deleted file mode 100644 index de6771e..0000000 --- a/lib/librpc/secure_rpc/keyserv/Makefile +++ /dev/null @@ -1,49 +0,0 @@ -# -# @(#)Makefile 2.4 88/08/15 4.0 RPCSRC; from 1.9 87/11/29 SMI -# -CFLAGS= -O -RPCLIB= -lrpclib -#RPCLIB= -lrpcsvc - -KEYSERV_OBJS = keyserv.o setkey.o detach.o mp.o -KEYENVOY_OBJS = keyenvoy.o -SRCS = keyserv.c setkey.c detach.c keyenvoy.c mp.c - -ALL= keyserv keyenvoy - -all: $(ALL) - -keyserv: $(KEYSERV_OBJS) - $(CC) $(CFLAGS) $(KEYSERV_OBJS) -lmp $(LIBC) $(RPCLIB) -o $@ - -keyenvoy: $(KEYENVOY_OBJS) - $(CC) $(CFLAGS) $(KEYENVOY_OBJS) $(LIBC) $(RPCLIB) -o $@ - -clean: - rm -f $(ALL) $(KEYSERV_OBJS) $(KEYENVOY_OBJS) - -install: $(ALL) - install -s -m 755 keyserv $(DESTDIR)/usr/etc - install -s -m 4755 keyenvoy $(DESTDIR)/usr/etc - -depend: - rm -f makedep - for i in ${SRCS}; do \ - ${CC} -M ${INCPATH} $$i | \ - awk ' { if ($$1 != prev) { print rec; rec = $$0; prev = $$1; } \ - else { if (length(rec $$2) > 78) { print rec; rec = $$0; } \ - else rec = rec " " $$2 } } \ - END { print rec } ' >> makedep; done - echo '/^# DO NOT DELETE THIS LINE/+2,$$d' >eddep - echo '$$r makedep' >>eddep - echo 'w' >>eddep - cp Makefile Makefile.bak - ed - Makefile < eddep - rm eddep makedep - echo '# DEPENDENCIES MUST END AT END OF FILE' >> Makefile - echo '# IF YOU PUT STUFF HERE IT WILL GO AWAY' >> Makefile - echo '# see make depend above' >> Makefile - -# DO NOT DELETE THIS LINE -- make depend uses it - - diff --git a/lib/librpc/secure_rpc/keyserv/detach.c b/lib/librpc/secure_rpc/keyserv/detach.c deleted file mode 100644 index ff1fac3..0000000 --- a/lib/librpc/secure_rpc/keyserv/detach.c +++ /dev/null @@ -1,69 +0,0 @@ -#ifndef lint -static char sccsid[] = "@(#)detach.c 2.2 88/08/10 4.0 RPCSRC"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - -/* - * Copyright (C) 1986, Sun Microsystems, Inc. - */ - -#include <sys/ioctl.h> -#include <fcntl.h> - -/* - * detach from tty - */ -detachfromtty() -{ - int tt; - - close(0); - close(1); - close(2); - switch (fork()) { - case -1: - perror("fork"); - break; - case 0: - break; - default: - exit(0); - } - tt = open("/dev/tty", O_RDWR); - if (tt > 0) { - ioctl(tt, TIOCNOTTY, 0); - close(tt); - } - (void)open("/dev/null", O_RDWR, 0); - dup(0); - dup(0); -} - - diff --git a/lib/librpc/secure_rpc/keyserv/keyenvoy.c b/lib/librpc/secure_rpc/keyserv/keyenvoy.c deleted file mode 100644 index 5379651..0000000 --- a/lib/librpc/secure_rpc/keyserv/keyenvoy.c +++ /dev/null @@ -1,213 +0,0 @@ -#ifndef lint -static char sccsid[] = "@(#)keyenvoy.c 2.2 88/08/10 4.0 RPCSRC"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - -/* - * Copyright (C) 1986, Sun Microsystems, Inc. - */ -#include <stdio.h> -#include <rpc/rpc.h> -#include <rpc/key_prot.h> -#include <sys/socket.h> -#include <sys/types.h> -#include <sys/time.h> -#include <fcntl.h> - -/* - * Talk to the keyserver on a privileged port on the part of a calling program. - * - * Protocol is for caller to send through stdin the procedure number - * to call followed by the argument data. We call the keyserver, and - * send the results back to the caller through stdout. - * Non-zero exit status means something went wrong. - */ - -#ifndef DEBUG -#define debug(msg) -#endif - -#define TOTAL_TIMEOUT 30 /* total timeout talking to keyserver */ -#define TOTAL_TRIES 10 /* Number of tries */ - -/* - * Opaque data that we send and receive - */ -#define MAXOPAQUE 256 -struct opaqn { - u_int len; - u_int data[MAXOPAQUE]; -}; -bool_t xdr_opaqn(); - - -main(argc,argv) - int argc; - char *argv[]; -{ - XDR xdrs_args; - XDR xdrs_rslt; - int proc; - struct opaqn args, rslt; - - - if (isatty(0)) { - fprintf(stderr, - "This program cannot be used interactively.\n"); - exit(1); - } - -#ifdef DEBUG - close(2); - open("/dev/console", O_WRONLY, 0); -#endif - - xdrstdio_create(&xdrs_args, stdin, XDR_DECODE); - xdrstdio_create(&xdrs_rslt, stdout, XDR_ENCODE); - - if ( ! xdr_u_long(&xdrs_args, &proc)) { - debug("no proc"); - exit(1); - } - if (! xdr_opaqn(&xdrs_args, &args)) { - debug("recving args failed"); - exit(1); - } - if (! callkeyserver(proc, xdr_opaqn, &args, xdr_opaqn, &rslt)) { - debug("rpc_call failed"); - exit(1); - } - if (! xdr_opaqn(&xdrs_rslt, &rslt)) { - debug("sending args failed"); - exit(1); - } - exit(0); -} - - - -callkeyserver(proc, xdr_args, args, xdr_rslt, rslt) - u_long proc; - bool_t (*xdr_args)(); - void *args; - bool_t (*xdr_rslt)(); - void *rslt; - -{ - struct sockaddr_in remote; - int port; - struct timeval wait; - enum clnt_stat stat; - CLIENT *client; - int sd; - - /* - * set up the remote address - * and create client - */ - remote.sin_addr.s_addr = htonl(INADDR_LOOPBACK); - remote.sin_family = AF_INET; - remote.sin_port = 0; - wait.tv_sec = TOTAL_TIMEOUT/TOTAL_TRIES; wait.tv_usec = 0; - sd = RPC_ANYSOCK; - client = clntudp_create(&remote, KEY_PROG, KEY_VERS, wait, &sd); - if (client == NULL) { - debug("no client"); - return (0); - } - - /* - * Check that server is bound to a reserved port, so - * that noone can masquerade as the keyserver. - */ - if (ntohs(remote.sin_port) >= IPPORT_RESERVED) { - debug("insecure port"); - return (0); - } - - /* - * Create authentication - * All we care about really is sending the real uid - */ - client->cl_auth = authunix_create("", getuid(), 0, 0, NULL); - if (client->cl_auth == NULL) { - debug("no auth"); - return (0); - } - wait.tv_sec = TOTAL_TIMEOUT; wait.tv_usec = 0; - stat = clnt_call(client, proc, xdr_args, args, xdr_rslt, rslt, wait); - if (stat != RPC_SUCCESS) { - debug("clnt_call failed"); - } - return (stat == RPC_SUCCESS); -} - - -/* - * XDR opaque data - * Don't know the length on decode, so just keep receiving until failure. - */ -bool_t -xdr_opaqn(xdrs, objp) - XDR *xdrs; - struct opaqn *objp; -{ - int i; - - switch (xdrs->x_op) { - case XDR_FREE: - break; - case XDR_DECODE: - for (i = 0; i < MAXOPAQUE && xdr_int(xdrs, &objp->data[i]); i++) { - } - if (i == MAXOPAQUE) { - return (FALSE); - } - objp->len = i; - break; - case XDR_ENCODE: - for (i = 0; i < objp->len; i++) { - if (! xdr_int(xdrs, &objp->data[i])) { - return (FALSE); - } - } - break; - } - return (TRUE); -} - - -#ifdef DEBUG -debug(msg) - char *msg; -{ - fprintf(stderr, "%s\n", msg); -} -#endif diff --git a/lib/librpc/secure_rpc/keyserv/keyserv.c b/lib/librpc/secure_rpc/keyserv/keyserv.c deleted file mode 100644 index d82dc12..0000000 --- a/lib/librpc/secure_rpc/keyserv/keyserv.c +++ /dev/null @@ -1,458 +0,0 @@ -#ifndef lint -static char sccsid[] = "@(#)keyserv.c 2.4 88/08/15 4.0 RPCSRC Copyr 1988 Sun Micro"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - -/* - * Copyright (C) 1986, Sun Microsystems, Inc. - */ - -/* - * Keyserver - * Store secret keys per uid. Do public key encryption and decryption - * operations. Generate "random" keys. Do not talk to anything but a local root - * process (by checking that the source port < IPPORT_RESERVED and by binding - * to the loopback address). - */ - -#include <stdio.h> -#include <sys/param.h> -#include <rpc/rpc.h> -#include <sys/file.h> -#include <sys/socket.h> -#include <pwd.h> -#include <des_crypt.h> -#include <rpc/key_prot.h> - - -char ROOTKEY[] = "/etc/.rootkey"; - -extern long random(); - -extern keystatus pk_setkey(); -extern keystatus pk_encrypt(); -extern keystatus pk_decrypt(); - - -#ifdef DEBUG -int debugging = 1; -#else -int debugging = 0; -#endif - -static void keyprogram(); -des_block masterkey; - -main(argc, argv) - int argc; - char *argv[]; - -{ - SVCXPRT *transp; - int nflag; - - nflag = (argc == 2) && (strcmp(argv[1], "-n") == 0); - if (!(argc == 1 || nflag)) { - (void) fprintf(stderr, "usage: %s [-n]\n", argv[0]); - exit(1); - } - /* - * Initialize - */ - (void) umask(066); /* paranoia */ - if (geteuid() != 0) { - (void) fprintf(stderr, "%s must be run as root\n", argv[0]); - exit(1); - } - setmodulus(HEXMODULUS); - openstore(); - getrootkey(&masterkey, nflag); - readkeys(); - - /* - * create the service, register it, and run - */ - transp = svcudp_create(RPC_ANYSOCK); - if (transp == NULL) { - (void) fprintf(stderr, - "%s: unable to create udp service\n", argv[0]); - exit(1); - } - pmap_unset(KEY_PROG, KEY_VERS); - if (!svc_register(transp, KEY_PROG, KEY_VERS, keyprogram, - IPPROTO_UDP)) { - (void) fprintf(stderr, "%s: unable to register service\n", - argv[0]); - exit(1); - } - /* - * run - */ - if (!debugging) { - detachfromtty(); - } - svc_run(); - abort(); -} - -/* - * In the event that we don't get a root password, we try to randomize the - * master key the best we can - */ -randomize(master) - des_block *master; -{ - int i; - int seed; - struct timeval tv; - int shift; - - seed = 0; - for (i = 0; i < 1024; i++) { - (void) gettimeofday(&tv, (struct timezone *) NULL); - shift = i % 8 * sizeof(int); - seed ^= (tv.tv_usec << shift) | (tv.tv_usec >> (32 - shift)); - } - srandom(seed); - master->key.low = random(); - master->key.high = random(); - srandom(seed); -} - - - -/* - * Try to get root's secret key, by prompting if terminal is a tty, else trying - * from standard input. - */ -getrootkey(master, prompt) - des_block *master; - int prompt; -{ - char *getpass(); - char *passwd; - char name[MAXNETNAMELEN + 1]; - char secret[HEXKEYBYTES + 1]; - char *crypt(); - int fd; - - if (!prompt) { - /* - * Read secret key out of $ROOTKEY - */ - fd = open(ROOTKEY, O_RDONLY, 0); - if (fd < 0) { - randomize(master); - return (0); - } - if (read(fd, secret, HEXKEYBYTES) < 0) { - (void) fprintf(stderr, "Invalid %s\n", ROOTKEY); - (void) close(fd); - return (0); - } - (void) close(fd); - secret[HEXKEYBYTES] = 0; - } else { - /* - * Decrypt yellow pages entry to get secret key - */ - passwd = getpass("root password:"); - passwd2des(passwd, master); - getnetname(name); - if (!getsecretkey(name, secret, passwd)) { - (void) fprintf(stderr, - "Can't find %s's secret key\n", name); - return (0); - } - if (secret[0] == 0) { - (void) fprintf(stderr, - "Invalid password for %s\n", name); - return (0); - } - } - (void) pk_setkey(0, secret); - return (1); -} - - -/* - * Procedures to implement RPC service - */ - -char * -strstatus(status) - keystatus status; -{ - switch (status) { - case KEY_SUCCESS: - return ("KEY_SUCCESS"); - case KEY_NOSECRET: - return ("KEY_NOSECRET"); - case KEY_UNKNOWN: - return ("KEY_UNKNOWN"); - case KEY_SYSTEMERR: - return ("KEY_SYSTEMERR"); - default: - return ("(bad result code)"); - } -} - -keystatus * -key_set_1(uid, key) - short uid; - keybuf key; -{ - static keystatus status; - - if (debugging) { - (void) fprintf(stderr, "set(%d, %.*s) = ", uid, - sizeof(keybuf), key); - } - status = pk_setkey(uid, key); - if (debugging) { - (void) fprintf(stderr, "%s\n", strstatus(status)); - (void) fflush(stderr); - } - return (&status); -} - - - -cryptkeyres * -key_encrypt_1(uid, arg) - short uid; - cryptkeyarg *arg; -{ - static cryptkeyres res; - - if (debugging) { - (void) fprintf(stderr, "encrypt(%d, %s, %08x%08x) = ", uid, - arg->remotename, arg->deskey.key.high, - arg->deskey.key.low); - } - res.cryptkeyres_u.deskey = arg->deskey; - res.status = pk_encrypt(uid, arg->remotename, &res.cryptkeyres_u.deskey); - if (debugging) { - if (res.status == KEY_SUCCESS) { - (void) fprintf(stderr, "%08x%08x\n", - res.cryptkeyres_u.deskey.key.high, - res.cryptkeyres_u.deskey.key.low); - } else { - (void) fprintf(stderr, - "%s\n", strstatus(res.status)); - } - (void) fflush(stderr); - } - return (&res); -} - -cryptkeyres * -key_decrypt_1(uid, arg) - short uid; - cryptkeyarg *arg; -{ - static cryptkeyres res; - - if (debugging) { - (void) fprintf(stderr, "decrypt(%d, %s, %08x%08x) = ", uid, - arg->remotename, arg->deskey.key.high, - arg->deskey.key.low); - } - res.cryptkeyres_u.deskey = arg->deskey; - res.status = pk_decrypt(uid, arg->remotename, - &res.cryptkeyres_u.deskey); - if (debugging) { - if (res.status == KEY_SUCCESS) { - (void) fprintf(stderr, "%08x%08x\n", - res.cryptkeyres_u.deskey.key.high, - res.cryptkeyres_u.deskey.key.low); - } else { - (void) fprintf(stderr, "%s\n", strstatus(res.status)); - } - (void) fflush(stderr); - } - return (&res); -} - -des_block * -key_gen_1() -{ - struct timeval time; - static des_block keygen; - static des_block key; - - (void) gettimeofday(&time, (struct timezone *) NULL); - keygen.key.high += (time.tv_sec ^ time.tv_usec); - keygen.key.low += (time.tv_sec ^ time.tv_usec); - ecb_crypt(&masterkey, &keygen, sizeof(keygen), DES_ENCRYPT | DES_HW); - key = keygen; - des_setparity(&key); - if (debugging) { - (void) fprintf(stderr, "gen() = %08x%08x\n", key.key.high, - key.key.low); - (void) fflush(stderr); - } - return (&key); -} - -/* ARGSUSED */ -getcredres * -key_getcred_1(uid, name) - short uid; - netnamestr *name; -{ - static getcredres res; - static int gids[NGROUPS]; - struct unixcred *cred; - - cred = &res.getcredres_u.cred; - cred->gids.gids_val = gids; - if (!netname2user(*name, &cred->uid, &cred->gid, - &cred->gids.gids_len, gids)) { - res.status = KEY_UNKNOWN; - } else { - res.status = KEY_SUCCESS; - } - if (debugging) { - (void) fprintf(stderr, "getcred(%s) = ", *name); - if (res.status == KEY_SUCCESS) { - (void) fprintf(stderr, "uid=%d,gid=%d,grouplen=%d\n", - cred->uid, cred->gid, cred->gids.gids_len); - } else { - (void) fprintf(stderr, "%s\n", strstatus(res.status)); - } - (void) fflush(stderr); - } - return (&res); -} - - -/* - * RPC boilerplate - */ -static void -keyprogram(rqstp, transp) - struct svc_req *rqstp; - SVCXPRT *transp; -{ - union { - keybuf key_set_1_arg; - cryptkeyarg key_encrypt_1_arg; - cryptkeyarg key_decrypt_1_arg; - des_block key_gen_1_arg; - } argument; - char *result; - - bool_t(*xdr_argument) (), (*xdr_result) (); - char *(*local) (); - struct sockaddr_in remote; - int uid; - int check_auth; - - switch (rqstp->rq_proc) { - case NULLPROC: - svc_sendreply(transp, xdr_void, (char *) NULL); - return; - - case KEY_SET: - xdr_argument = xdr_keybuf; - xdr_result = xdr_int; - local = (char *(*)()) key_set_1; - check_auth = 1; - break; - - case KEY_ENCRYPT: - xdr_argument = xdr_cryptkeyarg; - xdr_result = xdr_cryptkeyres; - local = (char *(*)()) key_encrypt_1; - check_auth = 1; - break; - - case KEY_DECRYPT: - xdr_argument = xdr_cryptkeyarg; - xdr_result = xdr_cryptkeyres; - local = (char *(*)()) key_decrypt_1; - check_auth = 1; - break; - - case KEY_GEN: - xdr_argument = xdr_void; - xdr_result = xdr_des_block; - local = (char *(*)()) key_gen_1; - check_auth = 0; - break; - - case KEY_GETCRED: - xdr_argument = xdr_netnamestr; - xdr_result = xdr_getcredres; - local = (char *(*)()) key_getcred_1; - check_auth = 0; - break; - - default: - svcerr_noproc(transp); - return; - } - if (check_auth) { - remote = *svc_getcaller(transp); - if (ntohs(remote.sin_port) >= IPPORT_RESERVED || - ntohl(remote.sin_addr.s_addr) != INADDR_LOOPBACK) { - if (debugging) { - (void) fprintf(stderr, - "not local privileged process\n"); - } - svcerr_weakauth(transp); - return; - } - if (rqstp->rq_cred.oa_flavor != AUTH_UNIX) { - if (debugging) { - (void) fprintf(stderr, - "not unix authentication\n"); - } - svcerr_weakauth(transp); - return; - } - uid = ((struct authunix_parms *) rqstp->rq_clntcred)->aup_uid; - } - bzero((char *) &argument, sizeof(argument)); - if (!svc_getargs(transp, xdr_argument, &argument)) { - svcerr_decode(transp); - return; - } - result = (*local) (uid, &argument); - if (!svc_sendreply(transp, xdr_result, (char *) result)) { - (void) fprintf(stderr, "unable to reply\n"); - svcerr_systemerr(transp); - } - if (!svc_freeargs(transp, xdr_argument, &argument)) { - (void) fprintf(stderr, "unable to free arguments\n"); - exit(1); - } -} diff --git a/lib/librpc/secure_rpc/keyserv/mp.c b/lib/librpc/secure_rpc/keyserv/mp.c deleted file mode 100644 index 97c85b0..0000000 --- a/lib/librpc/secure_rpc/keyserv/mp.c +++ /dev/null @@ -1,145 +0,0 @@ -#ifndef lint -static char sccsid[] = "@(#)mp.c 2.1 88/08/15 4.0 RPCSRC Copyr 1988 Sun Micro"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - -/* - * These routines add hexadecimal functionality to the multiple-precision - * library. - */ -#include <stdio.h> -#include <mp.h> - -void mfree(); - -/* - * Convert hex digit to binary value - */ -static int -xtoi(c) - char c; -{ - if (c >= '0' && c <= '9') { - return(c - '0'); - } else if (c >= 'a' && c <= 'f') { - return(c - 'a' + 10); - } else { - return(-1); - } -} - -/* - * Convert hex key to MINT key - */ -MINT * -xtom(key) - char *key; -{ - int digit; - MINT *m = itom(0); - MINT *d; - MINT *sixteen; - sixteen = itom(16); - for (; *key; key++) { - digit = xtoi(*key); - if (digit < 0) { - return(NULL); - } - d = itom(digit); - mult(m,sixteen,m); - madd(m,d,m); - mfree(d); - } - mfree(sixteen); - return(m); -} -static char -itox(d) - short d; -{ - d &= 15; - if (d < 10) { - return('0' + d); - } else { - return('a' - 10 + d); - } -} -/* - * Convert MINT key to hex key - */ -char * -mtox(key) - MINT *key; -{ - MINT *m = itom(0); - MINT *zero = itom(0); - short r; - char *p; - char c; - char *s; - char *hex; - int size; -#define BASEBITS (8*sizeof(short) - 1) - if (key->len >= 0) { - size = key->len; - } else { - size = -key->len; - } - hex = malloc((unsigned) ((size * BASEBITS + 3)) / 4 + 1); - if (hex == NULL) { - return(NULL); - } - move(key,m); - p = hex; - do { - sdiv(m,16,m,&r); - *p++ = itox(r); - } while (mcmp(m,zero) != 0); - mfree(m); - mfree(zero); - *p = 0; - for (p--, s = hex; s < p; s++, p--) { - c = *p; - *p = *s; - *s = c; - } - return(hex); -} -/* - * Deallocate a multiple precision integer - */ -void -mfree(a) - MINT *a; -{ - xfree(a); - free((char *)a); -} - diff --git a/lib/librpc/secure_rpc/keyserv/setkey.c b/lib/librpc/secure_rpc/keyserv/setkey.c deleted file mode 100644 index d62dc9c..0000000 --- a/lib/librpc/secure_rpc/keyserv/setkey.c +++ /dev/null @@ -1,514 +0,0 @@ -#ifndef lint -static char sccsid[] = "@(#)setkey.c 2.2 88/08/10 4.0 RPCSRC; from Copyr 1988 Sun Micro"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - -/* - * Copyright (C) 1986, Sun Microsystems, Inc. - */ - -/* - * Do the real work of the keyserver . - * Store secret keys. Compute common keys, - * and use them to decrypt and encrypt DES keys . - * Cache the common keys, so the - * expensive computation is avoided. - */ -#include <stdio.h> -#include <sys/file.h> -#include <mp.h> -#include <rpc/rpc.h> -#include <rpc/key_prot.h> -#include <des_crypt.h> -#include <sys/errno.h> - -extern char *malloc(); -extern char ROOTKEY[]; - -static MINT *MODULUS; -static char *fetchsecretkey(); -static keystatus pk_crypt(); - - -/* - * Set the modulus for all our Diffie-Hellman operations - */ -setmodulus(modx) - char *modx; -{ - MODULUS = xtom(modx); -} - - -/* - * Set the secretkey key for this uid - */ -keystatus -pk_setkey(uid, skey) - short uid; - keybuf skey; -{ - if (!storesecretkey(uid, skey)) { - return (KEY_SYSTEMERR); - } - return (KEY_SUCCESS); -} - - -/* - * Encrypt the key using the public key associated with remote_name and the - * secret key associated with uid. - */ -keystatus -pk_encrypt(uid, remote_name, key) - short uid; - char *remote_name; - des_block *key; -{ - return (pk_crypt(uid, remote_name, key, DES_ENCRYPT)); -} - - -/* - * Decrypt the key using the public key associated with remote_name and the - * secret key associated with uid. - */ -keystatus -pk_decrypt(uid, remote_name, key) - short uid; - char *remote_name; - des_block *key; -{ - return (pk_crypt(uid, remote_name, key, DES_DECRYPT)); -} - - -/* - * Do the work of pk_encrypt && pk_decrypt - */ -static keystatus -pk_crypt(uid, remote_name, key, mode) - short uid; - char *remote_name; - des_block *key; - int mode; -{ - char *xsecret; - char xpublic[HEXKEYBYTES + 1]; - char xsecret_hold[HEXKEYBYTES + 1]; - des_block deskey; - int err; - MINT *public; - MINT *secret; - MINT *common; - char zero[8]; - - xsecret = fetchsecretkey(uid); - if (xsecret == NULL) { - bzero(zero, sizeof(zero)); - xsecret = xsecret_hold; - if (!getsecretkey("nobody", xsecret, zero) || - xsecret[0] == 0) { - return (KEY_NOSECRET); - } - } - if (!getpublickey(remote_name, xpublic) && - !getpublickey("nobody", xpublic)) { - return (KEY_UNKNOWN); - } - if (!readcache(xpublic, xsecret, &deskey)) { - public = xtom(xpublic); - secret = xtom(xsecret); - common = itom(0); - pow(public, secret, MODULUS, common); - extractdeskey(common, &deskey); - writecache(xpublic, xsecret, &deskey); - mfree(secret); - mfree(public); - mfree(common); - } - err = ecb_crypt(&deskey, key, sizeof(des_block), DES_HW | mode); - if (DES_FAILED(err)) { - return (KEY_SYSTEMERR); - } - return (KEY_SUCCESS); -} - - -/* - * Choose middle 64 bits of the common key to use as our des key, possibly - * overwriting the lower order bits by setting parity. - */ -static -extractdeskey(ck, deskey) - MINT *ck; - des_block *deskey; -{ - MINT *a; - short r; - int i; - short base = (1 << 8); - char *k; - - - a = itom(0); - move(ck, a); - for (i = 0; i < ((KEYSIZE - 64) / 2) / 8; i++) { - sdiv(a, base, a, &r); - } - k = deskey->c; - for (i = 0; i < 8; i++) { - sdiv(a, base, a, &r); - *k++ = r; - } - mfree(a); - des_setparity(deskey); -} - - -/* - * Key storage management - */ - -struct secretkey_list { - short uid; - char secretkey[HEXKEYBYTES+1]; - struct secretkey_list *next; -}; - -static struct secretkey_list *g_secretkeys; - -/* - * Fetch the secret key for this uid - */ -static char * -fetchsecretkey(uid) - short uid; -{ - struct secretkey_list *l; - - for (l = g_secretkeys; l != NULL; l = l->next) { - if (l->uid == uid) { - return (l->secretkey); - } - } - return (NULL); -} - -/* - * Store the secretkey for this uid - */ -storesecretkey(uid, key) - short uid; - keybuf key; -{ - struct secretkey_list *new; - struct secretkey_list **l; - int nitems; - - - nitems = 0; - for (l = &g_secretkeys; *l != NULL && (*l)->uid != uid; - l = &(*l)->next) { - nitems++; - } - if (*l == NULL) { - new = (struct secretkey_list *)malloc(sizeof(*new)); - if (new == NULL) { - return (0); - } - new->uid = uid; - new->next = NULL; - *l = new; - } else { - new = *l; - } - bcopy(key, new->secretkey, HEXKEYBYTES); - new->secretkey[HEXKEYBYTES] = 0; - seekitem(nitems); - writeitem(uid, new->secretkey); - return (1); -} - - -hexdigit(val) - int val; -{ - return ("0123456789abcdef"[val]); - -} -bin2hex(bin, hex, size) - unsigned char *bin; - unsigned char *hex; - int size; -{ - int i; - - for (i = 0; i < size; i++) { - *hex++ = hexdigit(*bin >> 4); - *hex++ = hexdigit(*bin++ & 0xf); - } -} - -hexval(dig) - char dig; -{ - if ('0' <= dig && dig <= '9') { - return (dig - '0'); - } else if ('a' <= dig && dig <= 'f') { - return (dig - 'a' + 10); - } else if ('A' <= dig && dig <= 'F') { - return (dig - 'A' + 10); - } else { - return (-1); - } -} - -hex2bin(hex, bin, size) - unsigned char *hex; - unsigned char *bin; - int size; -{ - int i; - - for (i = 0; i < size; i++) { - *bin = hexval(*hex++) << 4; - *bin++ |= hexval(*hex++); - } -} - -static char KEYSTORE[] = "/etc/keystore"; -FILE *kf; - -openstore() -{ - kf = fopen(KEYSTORE, "r+"); - if (kf == NULL) { - kf = fopen(KEYSTORE, "w+"); - if (kf == NULL) { - return (0); - } - } - setbuf(kf, NULL); - return (1); -} - -static char rootkey[KEYBYTES]; -static int haverootkey; -struct storedkey { - short uid; - char crypt[KEYBYTES]; -}; - -readkeys() -{ - struct secretkey_list *node; - struct secretkey_list **l; - int uid; - char secretkey[HEXKEYBYTES+1]; - - if (kf == NULL) { - return; - } - l = &g_secretkeys; - seekitem(0); - while (readitem(&uid, secretkey)) { - node = (struct secretkey_list *)malloc(sizeof(*node)); - if (node == NULL) { - return; - } - node->uid = uid; - bcopy(secretkey, node->secretkey, HEXKEYBYTES + 1); - node->next = NULL; - *l = node; - l = &node->next; - } -} - -writekeys() -{ - struct secretkey_list *k; - - seekitem(0); - for (k = g_secretkeys; k != NULL; k = k->next) { - writeitem(k->uid, k->secretkey); - } -} - -seekitem(item) - int item; -{ - if (kf != NULL) { - fseek(kf, item * sizeof(struct storedkey), 0); - } -} - -writeitem(uid, key) - int uid; - char *key; -{ - struct storedkey item; - char rootkey_tmp[KEYBYTES]; - int reencrypt; - - if (kf == NULL) { - return (1); - } - if (uid == 0) { - writerootkey(key); - hex2bin(key, rootkey_tmp, KEYBYTES); - reencrypt = (haverootkey && - bcmp(rootkey, rootkey_tmp, KEYBYTES) != 0); - bcopy(rootkey_tmp, rootkey, KEYBYTES); - haverootkey = 1; - if (reencrypt) { - writekeys(); - return (1); - } - } - if (!haverootkey) { - return (1); - } - item.uid = uid; - hex2bin(key, item.crypt, KEYBYTES); - ecb_crypt(rootkey, item.crypt, KEYBYTES, DES_ENCRYPT|DES_HW); - return (fwrite(&item, sizeof(item), 1, kf) >= 0); -} - - -readitem(uidp, key) - int *uidp; - char *key; -{ - struct storedkey item; - - if (!haverootkey || kf == NULL) { - return (0); - } - if (fread(&item, sizeof(item), 1, kf) != 1) { - return (0); - } - *uidp = item.uid; - ecb_crypt(rootkey, item.crypt, KEYBYTES, DES_DECRYPT|DES_HW); - bin2hex(item.crypt, key, KEYBYTES); - key[HEXKEYBYTES] = 0; - return (1); -} - -/* - * Root users store their key in /etc/$ROOTKEY so - * that they can auto reboot without having to be - * around to type a password. Storing this in a file - * is rather dubious: it should really be in the EEPROM - * so it does not go over the net for diskless machines. - */ -writerootkey(secret) - char *secret; -{ - char newline = '\n'; - int fd; - - fd = open(ROOTKEY, O_WRONLY|O_TRUNC|O_CREAT, 0); - if (fd < 0) { - perror(ROOTKEY); - } else { - if (write(fd, secret, strlen(secret)) < 0 || - write(fd, &newline, sizeof(newline)) < 0) { - (void)fprintf(stderr, "%s: ", ROOTKEY); - perror("write"); - } - close(fd); - } -} - - -/* - * Exponential caching management - */ -struct cachekey_list { - keybuf secret; - keybuf public; - des_block deskey; - struct cachekey_list *next; -}; -static struct cachekey_list *g_cachedkeys; - - -/* - * cache result of expensive multiple precision exponential operation - */ -static -writecache(pub, sec, deskey) - char *pub; - char *sec; - des_block *deskey; -{ - struct cachekey_list *new; - - new = (struct cachekey_list *) malloc(sizeof(struct cachekey_list)); - if (new == NULL) { - return; - } - bcopy(pub, new->public, sizeof(keybuf)); - bcopy(sec, new->secret, sizeof(keybuf)); - new->deskey = *deskey; - new->next = g_cachedkeys; - g_cachedkeys = new; -} - -/* - * Try to find the common key in the cache - */ -static -readcache(pub, sec, deskey) - char *pub; - char *sec; - des_block *deskey; -{ - struct cachekey_list *found; - register struct cachekey_list **l; - -#define cachehit(pub, sec, list) \ - (bcmp(pub, (list)->public, sizeof(keybuf)) == 0 && \ - bcmp(sec, (list)->secret, sizeof(keybuf)) == 0) - - for (l = &g_cachedkeys; - (*l) != NULL && !cachehit(pub, sec, *l); - l = &(*l)->next); - if ((*l) == NULL) { - return (0); - } - found = *l; - (*l) = (*l)->next; - found->next = g_cachedkeys; - g_cachedkeys = found; - *deskey = found->deskey; - return (1); -} diff --git a/lib/librpc/secure_rpc/man/chkey.1 b/lib/librpc/secure_rpc/man/chkey.1 deleted file mode 100644 index fbf1fcd..0000000 --- a/lib/librpc/secure_rpc/man/chkey.1 +++ /dev/null @@ -1,19 +0,0 @@ -.\" @(#)chkey.1 2.1 88/08/10 4.0 RPCSRC; from 1.6 88/02/29 SMI; -.TH CHKEY 1 "9 September 1987" -.SH NAME -chkey \- change your encryption key -.SH SYNOPSIS -.B chkey -.SH DESCRIPTION -.IX "chkey command" "" "\fLchkey\fP command" -.IX "encryption key, change, \fLchkey\fR command" -.B chkey -prompts the user for their login password, and uses it to encrypt -a new encryption key for the user to be stored in the -.BR publickey (5) -database. -.SH "SEE ALSO" -.BR keylogin (1), -.BR publickey (5), -.BR keyserv (8C), -.BR newkey (8) diff --git a/lib/librpc/secure_rpc/man/des_crypt.3 b/lib/librpc/secure_rpc/man/des_crypt.3 deleted file mode 100644 index ca0a33e..0000000 --- a/lib/librpc/secure_rpc/man/des_crypt.3 +++ /dev/null @@ -1,126 +0,0 @@ -.\" @(#)des_crypt.3 2.1 88/08/11 4.0 RPCSRC; from 1.16 88/03/02 SMI; -.TH DES_CRYPT 3 "6 October 1987" -.SH NAME -des_crypt, ecb_crypt, cbc_crypt, des_setparity \- fast DES encryption -.SH SYNOPSIS -.nf -.B #include <des_crypt.h> -.LP -.B int ecb_crypt(key, data, datalen, mode) -.B char *key; -.B char *data; -.B unsigned datalen; -.B unsigned mode; -.LP -.B int cbc_crypt(key, data, datalen, mode, ivec) -.B char *key; -.B char *data; -.B unsigned datalen; -.B unsigned mode; -.B char *ivec; -.LP -.B void des_setparity(key) -.B char *key; -.fi -.SH DESCRIPTION -.IX encryption cbc_crypt "" \fLcbc_crypt\fP -.IX "des encryption" cbc_crypt "DES encryption" \fLcbc_crypt\fP -.IX encryption des_setparity "" \fLdes_setparity\fP -.IX "des encryption" des_setparity "DES encryption" \fLdes_setparity\fP -.B ecb_crypt(\|) -and -.B cbc_crypt(\|) -implement the -.SM NBS -.SM DES -(Data Encryption Standard). -These routines are faster and more general purpose than -.BR crypt (3). -They also are able to utilize -.SM DES -hardware if it is available. -.B ecb_crypt(\|) -encrypts in -.SM ECB -(Electronic Code Book) -mode, which encrypts blocks of data independently. -.B cbc_crypt(\|) -encrypts in -.SM CBC -(Cipher Block Chaining) -mode, which chains together -successive blocks. -.SM CBC -mode protects against insertions, deletions and -substitutions of blocks. Also, regularities in the clear text will -not appear in the cipher text. -.LP -Here is how to use these routines. The first parameter, -.IR key , -is the 8-byte encryption key with parity. -To set the key's parity, which for -.SM DES -is in the low bit of each byte, use -.IR des_setparity . -The second parameter, -.IR data , -contains the data to be encrypted or decrypted. The -third parameter, -.IR datalen , -is the length in bytes of -.IR data , -which must be a multiple of 8. The fourth parameter, -.IR mode , -is formed by -.SM OR\s0'ing -together some things. For the encryption direction 'or' in either -.SM DES_ENCRYPT -or -.SM DES_DECRYPT\s0. -For software versus hardware -encryption, 'or' in either -.SM DES_HW -or -.SM DES_SW\s0. -If -.SM DES_HW -is specified, and there is no hardware, then the encryption is performed -in software and the routine returns -.SM DESERR_NOHWDEVICE\s0. -For -.IR cbc_crypt , -the parameter -.I ivec -is the the 8-byte initialization -vector for the chaining. It is updated to the next initialization -vector upon return. -.LP -.SH "SEE ALSO" -.BR des (1), -.BR crypt (3) -.SH DIAGNOSTICS -.PD 0 -.TP 20 -.SM DESERR_NONE -No error. -.TP -.SM DESERR_NOHWDEVICE -Encryption succeeded, but done in software instead of the requested hardware. -.TP -.SM DESERR_HWERR -An error occurred in the hardware or driver. -.TP -.SM DESERR_BADPARAM -Bad parameter to routine. -.PD -.LP -Given a result status -.IR stat , -the macro -.SM DES_FAILED\c -.BR ( stat ) -is false only for the first two statuses. -.SH RESTRICTIONS -These routines are not available in RPCSRC 4.0. -This information is provided to describe the DES interface expected by -Secure RPC. diff --git a/lib/librpc/secure_rpc/man/keyenvoy.8c b/lib/librpc/secure_rpc/man/keyenvoy.8c deleted file mode 100644 index 8cf7bc3..0000000 --- a/lib/librpc/secure_rpc/man/keyenvoy.8c +++ /dev/null @@ -1,22 +0,0 @@ -.\" @(#)keyenvoy.8c 2.1 88/08/10 4.0 RPCSRC; from 1.5 88/03/01 SMI; -.TH KEYENVOY 8C "9 September 1987" -.SH NAME -keyenvoy \- talk to keyserver -.SH SYNOPSIS -.B keyenvoy -.SH DESCRIPTION -.IX "keyenvoy command" "" "\fLkeyenvoy\fP command" -.B keyenvoy -is used by some -.SM RPC -programs to talk to the key server, -.BR keyserv (8C). -The key server will not talk to anything but a root process, and -.B keyenvoy -is a set-uid root process that acts as an intermediary between a user -process that wishes to talk to the -key server and the key server itself. -.LP -This program cannot be run interactively. -.SH "SEE ALSO" -.BR keyserv (8C) diff --git a/lib/librpc/secure_rpc/man/keylogin.1 b/lib/librpc/secure_rpc/man/keylogin.1 deleted file mode 100644 index 516d9de..0000000 --- a/lib/librpc/secure_rpc/man/keylogin.1 +++ /dev/null @@ -1,32 +0,0 @@ -.\" @(#)keylogin.1 2.1 88/08/10 4.0 RPCSRC; from 1.6 88/02/29 SMI; -.TH KEYLOGIN 1 "9 September 1987" -.SH NAME -keylogin \- decrypt and store secret key -.SH SYNOPSIS -.B keylogin -.SH DESCRIPTION -.IX "keylogin command" "" "\fLkeylogin\fR command" -.LP -.B keylogin -prompts the user for their login password, and uses it do decrypt -the user's secret key stored in the -.BR publickey (5) -database. Once decrypted, the user's key is stored by the local -key server process -.BR keyserv (8C) -to be used by any secure network services, such as -.SM NFS\s0. -.LP -Normally, -.BR login (1) -does this work when the user logs onto the system, but running -.B keylogin -may be necessary if -the user did not type a password to -.BR login (1). -.SH "SEE ALSO" -.BR chkey (1), -.BR login (1), -.BR publickey (5), -.BR keyserv (8C), -.BR newkey (8) diff --git a/lib/librpc/secure_rpc/man/keyserv.8c b/lib/librpc/secure_rpc/man/keyserv.8c deleted file mode 100644 index aa153ed..0000000 --- a/lib/librpc/secure_rpc/man/keyserv.8c +++ /dev/null @@ -1,52 +0,0 @@ -.\" @(#)keyserv.8c 2.1 88/08/10 4.0 RPCSRC; from 1.6 88/03/01 SMI; -.TH KEYSERV 8C "9 September 1987" -.SH NAME -keyserv \- server for storing public and private keys -.SH SYNOPSIS -.B keyserv -[ -.B \-n -] -.SH DESCRIPTION -.IX "keyenvoy server" "" "\fLkeyenvoy\fP server" -.B keyserv -is a daemon that is used for storing the -private encryption keys of each -user logged into the system. These encryption -keys are using for accessing -secure network services such as secure -.SM NFS\s0. -When a user logs in to the system, the -.BR login(1) -program uses the login password to decrypt -the user's encryption key stored -in the Yellow Pages, and then gives the decrypted key to the -.B keyserv -daemon to store away. -.LP -Normally, root's key is read from the file -.B /etc/.rootkey -when the daemon starts up. This is useful during power-fail reboots -when no one is around to type a password, yet you still want the -secure network services to operate normally. -.SH OPTIONS -.TP -.B \-n -Do not read root's key from -.BR /etc/.rootkey . -Instead, prompt the user for the password to decrypt -.B root 's -key stored in the Yellow Pages and then store the decrypted key in -.B /etc/.rootkey -for future use. -This option is useful if the -.B /etc/.rootkey -file ever gets out of date or corrupted. -.SH FILES -.PD 0 -.TP 20 -.B /etc/.rootkey -.PD -.SH "SEE ALSO" -.BR login (1), -.BR publickey (5) diff --git a/lib/librpc/secure_rpc/man/publickey.3r b/lib/librpc/secure_rpc/man/publickey.3r deleted file mode 100644 index 7063e8a..0000000 --- a/lib/librpc/secure_rpc/man/publickey.3r +++ /dev/null @@ -1,44 +0,0 @@ -.\" @(#)publickey.3r 2.1 88/08/07 4.0 RPCSRC -.TH PUBLICKEY 3R "6 October 1987" -.SH NAME -publickey, getpublickey, getsecretkey \- get public or secret key -.SH SYNOPSIS -.nf -.B #include <rpc/rpc.h> -.B #include <rpc/key_prot.h> -.LP -.B getpublickey(netname, publickey) -.B char netname[\s-1MAXNETNAMELEN\s0+1]; -.B char publickey[\s-1HEXKEYBYTES\s0+1]; -.LP -.B getsecretkey(netname, secretkey, passwd) -.B char netname[\s-1MAXNETNAMELEN\s0+1]; -.B char secretkey[\s-1HEXKEYBYTES\s0+1]; -.B char *passwd; -.fi -.SH DESCRIPTION -.IX "getpublickey function" "" "\fLgetpublickey()\fP function" -.IX "getsecretkey function" "" "\fLgetsecretkey()\fP function" -These routines are used to get public and secret keys from the -.SM YP -database. -.B getsecretkey(\|) -has an extra argument, -.IR passwd , -which is used to decrypt the encrypted secret key stored in the database. -Both routines return 1 if they are successful in finding the key, 0 otherwise. -The keys are returned as -.SM NULL\s0-terminated, -hexadecimal strings. If the password supplied to -.B getsecretkey(\|) -fails to decrypt the secret key, the routine will return 1 but the -.I secretkey -argument will be a -.SM NULL -string (``''). -.SH "SEE ALSO" -.BR publickey (5) -.LP -.I \s-1RPC\s0 Programmer's Manual -in -.TX NETP diff --git a/lib/librpc/secure_rpc/man/publickey.5 b/lib/librpc/secure_rpc/man/publickey.5 deleted file mode 100644 index de3c1e9..0000000 --- a/lib/librpc/secure_rpc/man/publickey.5 +++ /dev/null @@ -1,37 +0,0 @@ -.\" @(#)publickey.5 2.1 88/08/07 4.0 RPCSRC; from 1.6 88/02/29 SMI; -.TH PUBLICKEY 5 "19 October 1987" -.SH NAME -publickey \- public key database -.SH SYNOPSIS -.B /etc/publickey -.SH DESCRIPTION -.LP -.B /etc/publickey -is the public key database used for secure -networking. Each entry in -the database consists of a network user -name (which may either refer to -a user or a hostname), followed by the user's -public key (in hex -notation), a colon, and then the user's -secret key encrypted with -its login password (also in hex notation). -.LP -This file is altered either by the user through the -.BR chkey (1) -command or by the system administrator through the -.BR newkey (8) -command. -The file -.B /etc/publickey -should only contain data on the Yellow -Pages master machine, where it -is converted into the -.SM YP -database -.BR publickey.byname . -.SH SEE ALSO -.BR chkey (1), -.BR publickey (3R), -.BR newkey (8), -.BR ypupdated (8C) diff --git a/lib/librpc/secure_rpc/man/rpc_secure.3n b/lib/librpc/secure_rpc/man/rpc_secure.3n deleted file mode 100644 index 6e9a2ee..0000000 --- a/lib/librpc/secure_rpc/man/rpc_secure.3n +++ /dev/null @@ -1,330 +0,0 @@ -.\" @(#)rpc_secure.3n 2.1 88/08/08 4.0 RPCSRC; from 1.19 88/06/24 SMI -.TH RPC 3N "16 February 1988" -.SH NAME -rpc_secure \- library routines for secure remote procedure calls -.SH SYNOPSIS AND DESCRIPTION -These routines are part of the RPC library. They implement DES -Authentication. See -.BR rpc (3N) -for further details about RPC. -.LP -.ft B -.nf -.sp .5 -#include <rpc/rpc.h> -.fi -.ft R -.br -.if t .ne 22 -.LP -.ft B -.nf -.sp .5 -\s-1AUTH\s0 * -authdes_create(name, window, syncaddr, ckey) -char *name; -unsigned window; -struct sockaddr_in *addr; -des_block *ckey; -.fi -.ft R -.IP -.B authdes_create(\|) -is the first of two routines which interface to the -.SM RPC -secure authentication system, known as -.SM DES -authentication. -The second is -.BR authdes_getucred(\|) , -below. Note: the keyserver daemon -.BR keyserv (8C) -must be running for the -.SM DES -authentication system to work. -.IP -.BR authdes_create(\|) , -used on the client side, returns an authentication handle that -will enable the use of the secure authentication system. -The first parameter -.I name -is the network name, or -.IR netname , -of the owner of the server process. This field usually -represents a -.I hostname -derived from the utility routine -.BR host2netname , -but could also represent a user name using -.BR user2netname . -The second field is window on the validity of -the client credential, given in seconds. A small -window is more secure than a large one, but choosing -too small of a window will increase the frequency of -resynchronizations because of clock drift. The third -parameter -.I syncaddr -is optional. If it is -.SM NULL\s0, -then the authentication system will assume -that the local clock is always in sync with the server's -clock, and will not attempt resynchronizations. If an address -is supplied, however, then the system will use the address -for consulting the remote time service whenever -resynchronization -is required. This parameter is usually the -address of the -.SM RPC -server itself. The final parameter -.I ckey -is also optional. If it is -.SM NULL\s0, -then the authentication system will -generate a random -.SM DES -key to be used for the encryption of credentials. -If it is supplied, however, then it will be used instead. -.br -.if t .ne 13 -.LP -.ft B -.nf -.sp .5 -authdes_getucred(adc, uid, gid, grouplen, groups) -struct authdes_cred *adc; -short *uid; -short *gid; -short *grouplen; -int *groups; -.fi -.ft R -.IP -.BR authdes_getucred(\|) , -the second of the two -.SM DES -authentication routines, -is used on the server side for converting a -.SM DES -credential, which is -operating system independent, into a -.UX -credential. This routine differs from utility routine -.B netname2user -in that -.B authdes_getucred(\|) -pulls its information from a cache, and does not have to do a -Yellow Pages lookup every time it is called to get its information. -.br -.ft .ne 8 -.LP -.ft B -.nf -.sp .5 -host2netname(name, host, domain) -char *name; -char *host; -char *domain; -.fi -.ft R -.IP -Convert from a domain-specific hostname to an -operating-system independent netname. Return -.SM TRUE -if it succeeds and -.SM FALSE -if it fails. Inverse of -.BR netname2host(\|) . -.br -.if t .ne 9 -.LP -.ft B -.nf -.sp .5 -key_decryptsession(remotename, deskey) -char *remotename; -des_block *deskey; -.fi -.ft R -.IP -.B key_decryptsession(\|) -is an interface to the keyserver daemon, which is associated -with -.SM RPC\s0's -secure authentication system (\s-1DES\s0 -authentication). -User programs rarely need to call it, or its associated routines -.BR key_encryptsession(\|) , -.B key_gendes(\|) -and -.BR key_setsecret(\|) . -System commands such as -.B login -and the -.SM RPC -library are the main clients of these four routines. -.IP -.B key_decryptsession(\|) -takes a server netname and a des key, and decrypts the key by -using the the public key of the the server and the secret key -associated with the effective uid of the calling process. It -is the inverse of -.BR key_encryptsession(\|) . -.br -.if t .ne 8 -.LP -.ft B -.nf -.sp .5 -key_encryptsession(remotename, deskey) -char *remotename; -des_block *deskey; -.fi -.ft R -.IP -.B key_encryptsession(\|) -is a keyserver interface routine. It -takes a server netname and a des key, and encrypts -it using the public key of the the server and the secret key -associated with the effective uid of the calling process. It -is the inverse of -.BR key_decryptsession(\|) . -.br -.if t .ne 7 -.LP -.ft B -.nf -.sp .5 -key_gendes(deskey) -des_block *deskey; -.fi -.ft R -.IP -.B key_gendes(\|) -is a keyserver interface routine. It -is used to ask the keyserver for a secure conversation key. -Choosing one at \(lqrandom\(rq is usually not good enough, -because -the common ways of choosing random numbers, such as using the -current time, are very easy to guess. -.br -.if t .ne 6 -.LP -.ft B -.nf -.sp .5 -key_setsecret(key) -char *key; -.fi -.ft R -.IP -.B key_setsecret(\|) -is a keyserver interface routine. It is used to set the key for -the effective -.I uid -of the calling process. -.br -.if t .ne 7 -.LP -.ft B -.nf -.sp .5 -getnetname(name) -char name[\s-1MAXNETNAMELEN\s0]; -.fi -.ft R -.IP -.B getnetname(\|) -installs the unique, operating-system independent netname of -the -caller in the fixed-length array -.IR name . -Returns -.SM TRUE -if it succeeds and -.SM FALSE -if it fails. -.br -.if t .ne 6 -.LP -.ft B -.nf -.sp .5 -netname2host(name, host, hostlen) -char *name; -char *host; -int hostlen; -.fi -.ft R -.IP -Convert from an operating-system independent netname to a -domain-specific hostname. Returns -.SM TRUE -if it succeeds and -.SM FALSE -if it fails. Inverse of -.BR host2netname(\|) . -.br -.if t .ne 9 -.LP -.ft B -.nf -.sp .5 -netname2user(name, uidp, gidp, gidlenp, gidlist) -char *name; -int *uidp; -int *gidp; -int *gidlenp; -int *gidlist; -.fi -.ft R -.IP -Convert from an operating-system independent netname to a -domain-specific user -.SM ID. -Returns -.SM TRUE -if it succeeds and -.SM FALSE -if it fails. Inverse of -.BR user2netname(\|) . -.br -.if t .ne 8 -.LP -.ft B -.nf -.sp .5 -user2netname(name, uid, domain) -char *name; -int uid; -char *domain; -.fi -.ft R -.IP -Convert from a domain-specific username to an operating-system -independent netname. Returns -.SM TRUE -if it succeeds and -.SM FALSE -if it fails. Inverse of -.BR netname2user(\|) . -.br -.SH SEE ALSO -.BR xdr (3N), -.BR keyserv (8C), -.BR rpc (3N) -.br -The following manuals: -.RS -.ft I -Remote Procedure Calls: Protocol Specification -.br -Remote Procedure Call Programming Guide -.br -rpcgen Programming Guide -.br -.ft R -.RE -.IR "\s-1RPC\s0: Remote Procedure Call Protocol Specification" , -.SM RFC1050, Sun Microsystems, Inc., -.SM USC-ISI\s0. - diff --git a/lib/librpc/secure_rpc/man/rtime.3n b/lib/librpc/secure_rpc/man/rtime.3n deleted file mode 100644 index af0c1ca..0000000 --- a/lib/librpc/secure_rpc/man/rtime.3n +++ /dev/null @@ -1,43 +0,0 @@ -.\" @(#)rtime.3n 2.1 88/08/08 4.0 RPCSRC; from 1.5 88/02/08 SMI -.TH RTIME 3 "22 November 1987" -.SH NAME -rtime \- get remote time -.SH SYNOPSIS -.nf -.B #include <sys/types.h> -.B #include <sys/time.h> -.B #include <netinet/in.h> -.LP -.B int rtime(addrp, timep, timeout) -.B struct sockaddr_in \(**addrp; -.B struct timeval \(**timep; -.B struct timeval \(**timeout; -.fi -.SH DESCRIPTION -.B rtime(\|) -consults the Internet Time Server at the address pointed to by -.I addrp -and returns the remote time in the -.B timeval -struct pointed to by -.IR timep . -Normally, the -.SM UDP -protocol is used when consulting the Time Server. The -.I timeout -parameter specifies how long the -routine should wait before giving -up when waiting for a reply. If -.I timeout -is specified as -.SM NULL\s0, -however, the routine will instead use -.SM TCP -and block until a reply is received from the time server. -.LP -The routine returns 0 if it is successful. Otherwise, -it returns \-1 and -.B errno -is set to reflect the cause of the error. -.SH "SEE ALSO" -.BR timed (8c) diff --git a/lib/librpc/secure_rpc/rpc/Makefile b/lib/librpc/secure_rpc/rpc/Makefile deleted file mode 100644 index 88b242f..0000000 --- a/lib/librpc/secure_rpc/rpc/Makefile +++ /dev/null @@ -1,109 +0,0 @@ -# -# @(#)Makefile 2.3 88/08/15 4.0 RPCSRC -# -# -# Copyright (c) 1987 by Sun Microsystems, Inc. -# - -DESTDIR= - -CFLAGS = -I.. - -SRCS = auth_des.c authdes_prot.c key_call.c key_prot.c netname.c svcauth_des.c \ - openchild.c rtime.c publickey.c xcrypt.c \ - auth_none.c auth_unix.c authunix_prot.c bindresvport.c \ - clnt_generic.c clnt_perror.c clnt_raw.c clnt_simple.c clnt_tcp.c \ - clnt_udp.c rpc_dtablesize.c get_myaddress.c getrpcent.c getrpcport.c \ - pmap_clnt.c pmap_getmaps.c pmap_getport.c pmap_prot.c \ - pmap_prot2.c pmap_rmt.c rpc_prot.c rpc_commondata.c rpc_callmsg.c \ - svc.c svc_auth.c svc_auth_unix.c svc_raw.c svc_run.c svc_simple.c \ - svc_tcp.c svc_udp.c xdr.c xdr_array.c xdr_float.c xdr_mem.c \ - xdr_rec.c xdr_reference.c xdr_stdio.c - -OBJS = auth_des.o authdes_prot.o key_call.o key_prot.o netname.o svcauth_des.o \ - openchild.o rtime.o publickey.o xcrypt.o \ - auth_none.o auth_unix.o authunix_prot.o bindresvport.o \ - clnt_generic.o clnt_perror.o clnt_raw.o clnt_simple.o clnt_tcp.o \ - clnt_udp.o rpc_dtablesize.o get_myaddress.o getrpcent.o getrpcport.o \ - pmap_clnt.o pmap_getmaps.o pmap_getport.o pmap_prot.o \ - pmap_prot2.o pmap_rmt.o rpc_prot.o rpc_commondata.o rpc_callmsg.o \ - svc.o svc_auth.o svc_auth_unix.o svc_raw.o svc_run.o svc_simple.o \ - svc_tcp.o svc_udp.o xdr.o xdr_array.o xdr_float.o xdr_mem.o \ - xdr_rec.o xdr_reference.o xdr_stdio.o - -HDRS = key_prot.h \ - auth.h auth_unix.h auth_des.h clnt.h netdb.h pmap_clnt.h \ - pmap_prot.h pmap_rmt.h rpc.h rpc_msg.h svc.h svc_auth.h types.h xdr.h - -XFILES= key_prot.x - -all rpclib: librpclib.a - -librpclib.a: ${OBJS} - @echo "building librpclib.a" - @ar cru librpclib.a ${OBJS} - -install: $(HDRS) librpclib.a - @echo "Creating RPC header directory" - -mkdir ${DESTDIR}/usr/include/rpc && \ - chown bin ${DESTDIR}/usr/include/rpc && \ - chmod 755 ${DESTDIR}/usr/include/rpc - @echo "Installing RPC header files" - -set -x;for i in $(HDRS) $(XFILES) ; do \ - (install -c -m 644 $$i ${DESTDIR}/usr/include/rpc) done - @echo "Installing RPC library" - install -c -m 644 librpclib.a ${DESTDIR}/usr/lib - ranlib ${DESTDIR}/usr/lib/librpclib.a - -tags: $(SRCS) $(HDRS) - ctags -tw $(SRCS) $(HDRS) - -ref: tags - sed 's, /.*,,' tags | \ - awk ' { printf("%-26s%-16s%s\n", $$1, $$2, $$3) }' > ref - -lint: $(SRCS) $(HDRS) - $(LINT.c) $(SRCS) - -clean: rm -f *.o rpclib.a - -.SUFFIXES: .x .x~ - -.x.c: - rpcgen -c $< | \ - sed 's/^#include \"$*\.h\"/#include <rpc\/$*\.h>/' > $@ - -.x.h: - rpcgen -h $< > $@ - -depend: $(SRCS) $(HDRS) - @${CC} ${CFLAGS} -M ${SRCS} > makedep - @echo '/^# DO NOT DELETE THIS LINE/+1,$$d' >eddep - @echo '$$r makedep' >>eddep - @echo 'w' >>eddep - @cp Makefile makefile.bak - @ed - Makefile < eddep - @rm eddep makedep makefile.bak - -depend.42BSD depend.42bsd: - cp /dev/null x.c - for i in $(SRCS) ; do \ - (/bin/grep '^#[ ]*include' x.c $$i | sed \ - -e '/\.\.\/h/d' \ - -e '/\.\.\/ufs/d' \ - -e 's,<\(.*\)>,"/usr/include/\1",' \ - -e 's/:[^"]*"\([^"]*\)".*/: \1/' \ - -e 's/\.c/\.o/' >>makedep); done - echo '/^# DO NOT DELETE THIS LINE/+2,$$d' >eddep - echo '$$r makedep' >>eddep - echo 'w' >>eddep - cp Makefile Makefile.bak - ed - Makefile < eddep - rm eddep makedep x.c - echo '# DEPENDENCIES MUST END AT END OF FILE' >> Makefile - echo '# IF YOU PUT STUFF HERE IT WILL GO AWAY' >> Makefile - echo '# see make depend above' >> Makefile - -# DO NOT DELETE THIS LINE - - diff --git a/lib/librpc/secure_rpc/rpc/auth_des.c b/lib/librpc/secure_rpc/rpc/auth_des.c deleted file mode 100644 index a757c49..0000000 --- a/lib/librpc/secure_rpc/rpc/auth_des.c +++ /dev/null @@ -1,411 +0,0 @@ -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)auth_des.c 2.2 88/07/29 4.0 RPCSRC; from 1.9 88/02/08 SMI"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ -/* - * Copyright (c) 1988 by Sun Microsystems, Inc. - */ -/* - * auth_des.c, client-side implementation of DES authentication - */ - -#include <des_crypt.h> -#include <rpc/types.h> -#include <rpc/auth.h> -#include <rpc/auth_des.h> -#include <rpc/xdr.h> -#include <netinet/in.h> /* XXX: just to get htonl() and ntohl() */ -#include <sys/socket.h> - -#define MILLION 1000000L -#define RTIME_TIMEOUT 5 /* seconds to wait for sync */ - -#define AUTH_PRIVATE(auth) (struct ad_private *) auth->ah_private -#define ALLOC(object_type) (object_type *) mem_alloc(sizeof(object_type)) -#define FREE(ptr, size) mem_free((char *)(ptr), (int) size) -#define ATTEMPT(xdr_op) if (!(xdr_op)) return (FALSE) - -#define debug(msg) /*printf("%s\n", msg) */ - -/* - * DES authenticator operations vector - */ -static void authdes_nextverf(); -static bool_t authdes_marshal(); -static bool_t authdes_validate(); -static bool_t authdes_refresh(); -static void authdes_destroy(); -static struct auth_ops authdes_ops = { - authdes_nextverf, - authdes_marshal, - authdes_validate, - authdes_refresh, - authdes_destroy -}; - - -/* - * This struct is pointed to by the ah_private field of an "AUTH *" - */ -struct ad_private { - char *ad_fullname; /* client's full name */ - u_int ad_fullnamelen; /* length of name, rounded up */ - char *ad_servername; /* server's full name */ - u_int ad_servernamelen; /* length of name, rounded up */ - u_int ad_window; /* client specified window */ - bool_t ad_dosync; /* synchronize? */ - struct sockaddr ad_syncaddr; /* remote host to synch with */ - struct timeval ad_timediff; /* server's time - client's time */ - u_long ad_nickname; /* server's nickname for client */ - struct authdes_cred ad_cred; /* storage for credential */ - struct authdes_verf ad_verf; /* storage for verifier */ - struct timeval ad_timestamp; /* timestamp sent */ - des_block ad_xkey; /* encrypted conversation key */ -}; - - -/* - * Create the client des authentication object - */ -AUTH * -authdes_create(servername, window, syncaddr, ckey) - char *servername; /* network name of server */ - u_int window; /* time to live */ - struct sockaddr *syncaddr; /* optional addr of host to sync with */ - des_block *ckey; /* optional conversation key to use*/ -{ - - AUTH *auth; - struct ad_private *ad; - char namebuf[MAXNETNAMELEN+1]; - - /* - * Allocate everything now - */ - auth = ALLOC(AUTH); - ad = ALLOC(struct ad_private); - (void) getnetname(namebuf); - - ad->ad_fullnamelen = RNDUP(strlen(namebuf)); - ad->ad_fullname = mem_alloc(ad->ad_fullnamelen + 1); - - ad->ad_servernamelen = strlen(servername); - ad->ad_servername = mem_alloc(ad->ad_servernamelen + 1); - - if (auth == NULL || ad == NULL || ad->ad_fullname == NULL || - ad->ad_servername == NULL) { - debug("authdes_create: out of memory"); - goto failed; - } - - /* - * Set up private data - */ - bcopy(namebuf, ad->ad_fullname, ad->ad_fullnamelen + 1); - bcopy(servername, ad->ad_servername, ad->ad_servernamelen + 1); - if (syncaddr != NULL) { - ad->ad_syncaddr = *syncaddr; - ad->ad_dosync = TRUE; - } else { - ad->ad_dosync = FALSE; - } - ad->ad_window = window; - if (ckey == NULL) { - if (key_gendes(&auth->ah_key) < 0) { - debug("authdes_create: unable to gen conversation key"); - return (NULL); - } - } else { - auth->ah_key = *ckey; - } - - /* - * Set up auth handle - */ - auth->ah_cred.oa_flavor = AUTH_DES; - auth->ah_verf.oa_flavor = AUTH_DES; - auth->ah_ops = &authdes_ops; - auth->ah_private = (caddr_t)ad; - - if (!authdes_refresh(auth)) { - goto failed; - } - return (auth); - -failed: - if (auth != NULL) - FREE(auth, sizeof(AUTH)); - if (ad != NULL) - FREE(ad, sizeof(struct ad_private)); - if (ad->ad_fullname != NULL) - FREE(ad->ad_fullname, ad->ad_fullnamelen + 1); - if (ad->ad_servername != NULL) - FREE(ad->ad_servername, ad->ad_servernamelen + 1); - return (NULL); -} - -/* - * Implement the five authentication operations - */ - - -/* - * 1. Next Verifier - */ -/*ARGSUSED*/ -static void -authdes_nextverf(auth) - AUTH *auth; -{ - /* what the heck am I supposed to do??? */ -} - - - -/* - * 2. Marshal - */ -static bool_t -authdes_marshal(auth, xdrs) - AUTH *auth; - XDR *xdrs; -{ - struct ad_private *ad = AUTH_PRIVATE(auth); - struct authdes_cred *cred = &ad->ad_cred; - struct authdes_verf *verf = &ad->ad_verf; - des_block cryptbuf[2]; - des_block ivec; - int status; - int len; - register long *ixdr; - - /* - * Figure out the "time", accounting for any time difference - * with the server if necessary. - */ - (void) gettimeofday(&ad->ad_timestamp, (struct timezone *)NULL); - ad->ad_timestamp.tv_sec += ad->ad_timediff.tv_sec; - ad->ad_timestamp.tv_usec += ad->ad_timediff.tv_usec; - if (ad->ad_timestamp.tv_usec >= MILLION) { - ad->ad_timestamp.tv_usec -= MILLION; - ad->ad_timestamp.tv_sec += 1; - } - - /* - * XDR the timestamp and possibly some other things, then - * encrypt them. - */ - ixdr = (long *)cryptbuf; - IXDR_PUT_LONG(ixdr, ad->ad_timestamp.tv_sec); - IXDR_PUT_LONG(ixdr, ad->ad_timestamp.tv_usec); - if (ad->ad_cred.adc_namekind == ADN_FULLNAME) { - IXDR_PUT_U_LONG(ixdr, ad->ad_window); - IXDR_PUT_U_LONG(ixdr, ad->ad_window - 1); - ivec.key.high = ivec.key.low = 0; - status = cbc_crypt((char *)&auth->ah_key, (char *)cryptbuf, - 2*sizeof(des_block), DES_ENCRYPT | DES_HW, (char *)&ivec); - } else { - status = ecb_crypt((char *)&auth->ah_key, (char *)cryptbuf, - sizeof(des_block), DES_ENCRYPT | DES_HW); - } - if (DES_FAILED(status)) { - debug("authdes_marshal: DES encryption failure"); - return (FALSE); - } - ad->ad_verf.adv_xtimestamp = cryptbuf[0]; - if (ad->ad_cred.adc_namekind == ADN_FULLNAME) { - ad->ad_cred.adc_fullname.window = cryptbuf[1].key.high; - ad->ad_verf.adv_winverf = cryptbuf[1].key.low; - } else { - ad->ad_cred.adc_nickname = ad->ad_nickname; - ad->ad_verf.adv_winverf = 0; - } - - /* - * Serialize the credential and verifier into opaque - * authentication data. - */ - if (ad->ad_cred.adc_namekind == ADN_FULLNAME) { - len = ((1 + 1 + 2 + 1)*BYTES_PER_XDR_UNIT + ad->ad_fullnamelen); - } else { - len = (1 + 1)*BYTES_PER_XDR_UNIT; - } - - if (ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT)) { - IXDR_PUT_LONG(ixdr, AUTH_DES); - IXDR_PUT_LONG(ixdr, len); - } else { - ATTEMPT(xdr_putlong(xdrs, &auth->ah_cred.oa_flavor)); - ATTEMPT(xdr_putlong(xdrs, &len)); - } - ATTEMPT(xdr_authdes_cred(xdrs, cred)); - - len = (2 + 1)*BYTES_PER_XDR_UNIT; - if (ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT)) { - IXDR_PUT_LONG(ixdr, AUTH_DES); - IXDR_PUT_LONG(ixdr, len); - } else { - ATTEMPT(xdr_putlong(xdrs, &auth->ah_verf.oa_flavor)); - ATTEMPT(xdr_putlong(xdrs, &len)); - } - ATTEMPT(xdr_authdes_verf(xdrs, verf)); - return (TRUE); -} - - -/* - * 3. Validate - */ -static bool_t -authdes_validate(auth, rverf) - AUTH *auth; - struct opaque_auth *rverf; -{ - struct ad_private *ad = AUTH_PRIVATE(auth); - struct authdes_verf verf; - int status; - register u_long *ixdr; - - if (rverf->oa_length != (2 + 1) * BYTES_PER_XDR_UNIT) { - return (FALSE); - } - ixdr = (u_long *)rverf->oa_base; - verf.adv_xtimestamp.key.high = (u_long)*ixdr++; - verf.adv_xtimestamp.key.low = (u_long)*ixdr++; - verf.adv_int_u = (u_long)*ixdr++; /* nickname not XDR'd ! */ - - /* - * Decrypt the timestamp - */ - status = ecb_crypt((char *)&auth->ah_key, (char *)&verf.adv_xtimestamp, - sizeof(des_block), DES_DECRYPT | DES_HW); - - if (DES_FAILED(status)) { - debug("authdes_validate: DES decryption failure"); - return (FALSE); - } - - /* - * xdr the decrypted timestamp - */ - ixdr = (u_long *)verf.adv_xtimestamp.c; - verf.adv_timestamp.tv_sec = IXDR_GET_LONG(ixdr) + 1; - verf.adv_timestamp.tv_usec = IXDR_GET_LONG(ixdr); - - /* - * validate - */ - if (bcmp((char *)&ad->ad_timestamp, (char *)&verf.adv_timestamp, - sizeof(struct timeval)) != 0) { - debug("authdes_validate: verifier mismatch\n"); - return (FALSE); - } - - /* - * We have a nickname now, let's use it - */ - ad->ad_nickname = verf.adv_nickname; - ad->ad_cred.adc_namekind = ADN_NICKNAME; - return (TRUE); -} - -/* - * 4. Refresh - */ -static bool_t -authdes_refresh(auth) - AUTH *auth; -{ - struct ad_private *ad = AUTH_PRIVATE(auth); - struct authdes_cred *cred = &ad->ad_cred; - - if (ad->ad_dosync && - !synchronize(&ad->ad_syncaddr, &ad->ad_timediff)) { - /* - * Hope the clocks are synced! - */ - ad->ad_timediff.tv_sec = ad->ad_timediff.tv_usec = 0; - debug("authdes_refresh: unable to synchronize with server"); - } - ad->ad_xkey = auth->ah_key; - if (key_encryptsession(ad->ad_servername, &ad->ad_xkey) < 0) { - debug("authdes_create: unable to encrypt conversation key"); - return (FALSE); - } - cred->adc_fullname.key = ad->ad_xkey; - cred->adc_namekind = ADN_FULLNAME; - cred->adc_fullname.name = ad->ad_fullname; - return (TRUE); -} - - -/* - * 5. Destroy - */ -static void -authdes_destroy(auth) - AUTH *auth; -{ - struct ad_private *ad = AUTH_PRIVATE(auth); - - FREE(ad->ad_fullname, ad->ad_fullnamelen + 1); - FREE(ad->ad_servername, ad->ad_servernamelen + 1); - FREE(ad, sizeof(struct ad_private)); - FREE(auth, sizeof(AUTH)); -} - - - -/* - * Synchronize with the server at the given address, that is, - * adjust timep to reflect the delta between our clocks - */ -static bool_t -synchronize(syncaddr, timep) - struct sockaddr *syncaddr; - struct timeval *timep; -{ - struct timeval mytime; - struct timeval timeout; - - timeout.tv_sec = RTIME_TIMEOUT; - timeout.tv_usec = 0; - if (rtime((struct sockaddr_in *)syncaddr, timep, &timeout) < 0) { - return (FALSE); - } - (void) gettimeofday(&mytime, (struct timezone *)NULL); - timep->tv_sec -= mytime.tv_sec; - if (mytime.tv_usec > timep->tv_usec) { - timep->tv_sec -= 1; - timep->tv_usec += MILLION; - } - timep->tv_usec -= mytime.tv_usec; - return (TRUE); -} diff --git a/lib/librpc/secure_rpc/rpc/auth_des.h b/lib/librpc/secure_rpc/rpc/auth_des.h deleted file mode 100644 index 4ae4761..0000000 --- a/lib/librpc/secure_rpc/rpc/auth_des.h +++ /dev/null @@ -1,105 +0,0 @@ -/* @(#)auth_des.h 2.2 88/07/29 4.0 RPCSRC; from 1.3 88/02/08 SMI */ -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - -/* - * Copyright (c) 1988 by Sun Microsystems, Inc. - */ - -/* - * auth_des.h, Protocol for DES style authentication for RPC - */ - -#ifndef _AUTH_DES_ -#define _AUTH_DES_ - -/* - * There are two kinds of "names": fullnames and nicknames - */ -enum authdes_namekind { - ADN_FULLNAME, - ADN_NICKNAME -}; - -/* - * A fullname contains the network name of the client, - * a conversation key and the window - */ -struct authdes_fullname { - char *name; /* network name of client, up to MAXNETNAMELEN */ - des_block key; /* conversation key */ - u_long window; /* associated window */ -}; - - -/* - * A credential - */ -struct authdes_cred { - enum authdes_namekind adc_namekind; - struct authdes_fullname adc_fullname; - u_long adc_nickname; -}; - - - -/* - * A des authentication verifier - */ -struct authdes_verf { - union { - struct timeval adv_ctime; /* clear time */ - des_block adv_xtime; /* crypt time */ - } adv_time_u; - u_long adv_int_u; -}; - -/* - * des authentication verifier: client variety - * - * adv_timestamp is the current time. - * adv_winverf is the credential window + 1. - * Both are encrypted using the conversation key. - */ -#define adv_timestamp adv_time_u.adv_ctime -#define adv_xtimestamp adv_time_u.adv_xtime -#define adv_winverf adv_int_u - -/* - * des authentication verifier: server variety - * - * adv_timeverf is the client's timestamp + client's window - * adv_nickname is the server's nickname for the client. - * adv_timeverf is encrypted using the conversation key. - */ -#define adv_timeverf adv_time_u.adv_ctime -#define adv_xtimeverf adv_time_u.adv_xtime -#define adv_nickname adv_int_u - -#endif /* ndef _AUTH_DES_ */ diff --git a/lib/librpc/secure_rpc/rpc/authdes_prot.c b/lib/librpc/secure_rpc/rpc/authdes_prot.c deleted file mode 100644 index 14679c0..0000000 --- a/lib/librpc/secure_rpc/rpc/authdes_prot.c +++ /dev/null @@ -1,82 +0,0 @@ -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)authdes_prot.c 2.1 88/07/29 4.0 RPCSRC; from 1.6 88/02/08 SMI"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ -/* - * Copyright (c) 1988 by Sun Microsystems, Inc. - */ - -/* - * authdes_prot.c, XDR routines for DES authentication - */ - -#include <rpc/types.h> -#include <rpc/xdr.h> -#include <rpc/auth.h> -#include <rpc/auth_des.h> - -#define ATTEMPT(xdr_op) if (!(xdr_op)) return (FALSE) - -bool_t -xdr_authdes_cred(xdrs, cred) - XDR *xdrs; - struct authdes_cred *cred; -{ - /* - * Unrolled xdr - */ - ATTEMPT(xdr_enum(xdrs, (enum_t *)&cred->adc_namekind)); - switch (cred->adc_namekind) { - case ADN_FULLNAME: - ATTEMPT(xdr_string(xdrs, &cred->adc_fullname.name, MAXNETNAMELEN)); - ATTEMPT(xdr_opaque(xdrs, (caddr_t)&cred->adc_fullname.key, sizeof(des_block))); - ATTEMPT(xdr_opaque(xdrs, (caddr_t)&cred->adc_fullname.window, sizeof(cred->adc_fullname.window))); - return (TRUE); - case ADN_NICKNAME: - ATTEMPT(xdr_opaque(xdrs, (caddr_t)&cred->adc_nickname, sizeof(cred->adc_nickname))); - return (TRUE); - default: - return (FALSE); - } -} - - -bool_t -xdr_authdes_verf(xdrs, verf) - register XDR *xdrs; - register struct authdes_verf *verf; -{ - /* - * Unrolled xdr - */ - ATTEMPT(xdr_opaque(xdrs, (caddr_t)&verf->adv_xtimestamp, sizeof(des_block))); - ATTEMPT(xdr_opaque(xdrs, (caddr_t)&verf->adv_int_u, sizeof(verf->adv_int_u))); - return (TRUE); -} diff --git a/lib/librpc/secure_rpc/rpc/key_call.c b/lib/librpc/secure_rpc/rpc/key_call.c deleted file mode 100644 index c2fd335..0000000 --- a/lib/librpc/secure_rpc/rpc/key_call.c +++ /dev/null @@ -1,228 +0,0 @@ -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)key_call.c 2.2 88/08/15 4.0 RPCSRC; from 1.11 88/02/08 SMI"; -#endif -/* - * Copyright (c) 1988 by Sun Microsystems, Inc. - */ -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - -/* - * key_call.c, Interface to keyserver - * - * setsecretkey(key) - set your secret key - * encryptsessionkey(agent, deskey) - encrypt a session key to talk to agent - * decryptsessionkey(agent, deskey) - decrypt ditto - * gendeskey(deskey) - generate a secure des key - * netname2user(...) - get unix credential for given name (kernel only) - */ -#include <sys/param.h> -#include <sys/socket.h> -#include <rpc/rpc.h> -#include <rpc/key_prot.h> - -#define KEY_TIMEOUT 5 /* per-try timeout in seconds */ -#define KEY_NRETRY 12 /* number of retries */ - -#define debug(msg) /* turn off debugging */ - -static struct timeval trytimeout = { KEY_TIMEOUT, 0 }; -static struct timeval tottimeout = { KEY_TIMEOUT * KEY_NRETRY, 0 }; - -key_setsecret(secretkey) - char *secretkey; -{ - keystatus status; - - if (!key_call((u_long)KEY_SET, xdr_keybuf, secretkey, xdr_keystatus, - (char*)&status)) - { - return (-1); - } - if (status != KEY_SUCCESS) { - debug("set status is nonzero"); - return (-1); - } - return (0); -} - - -key_encryptsession(remotename, deskey) - char *remotename; - des_block *deskey; -{ - cryptkeyarg arg; - cryptkeyres res; - - arg.remotename = remotename; - arg.deskey = *deskey; - if (!key_call((u_long)KEY_ENCRYPT, - xdr_cryptkeyarg, (char *)&arg, xdr_cryptkeyres, (char *)&res)) - { - return (-1); - } - if (res.status != KEY_SUCCESS) { - debug("encrypt status is nonzero"); - return (-1); - } - *deskey = res.cryptkeyres_u.deskey; - return (0); -} - - -key_decryptsession(remotename, deskey) - char *remotename; - des_block *deskey; -{ - cryptkeyarg arg; - cryptkeyres res; - - arg.remotename = remotename; - arg.deskey = *deskey; - if (!key_call((u_long)KEY_DECRYPT, - xdr_cryptkeyarg, (char *)&arg, xdr_cryptkeyres, (char *)&res)) - { - return (-1); - } - if (res.status != KEY_SUCCESS) { - debug("decrypt status is nonzero"); - return (-1); - } - *deskey = res.cryptkeyres_u.deskey; - return (0); -} - -key_gendes(key) - des_block *key; -{ - struct sockaddr_in sin; - CLIENT *client; - int socket; - enum clnt_stat stat; - - - sin.sin_family = AF_INET; - sin.sin_port = 0; - sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); - bzero(sin.sin_zero, sizeof(sin.sin_zero)); - socket = RPC_ANYSOCK; - client = clntudp_bufcreate(&sin, (u_long)KEY_PROG, (u_long)KEY_VERS, - trytimeout, &socket, RPCSMALLMSGSIZE, RPCSMALLMSGSIZE); - if (client == NULL) { - return (-1); - } - stat = clnt_call(client, KEY_GEN, xdr_void, NULL, - xdr_des_block, key, tottimeout); - clnt_destroy(client); - (void) close(socket); - if (stat != RPC_SUCCESS) { - return (-1); - } - return (0); -} - - -#include <stdio.h> -#include <sys/wait.h> - - -static -key_call(proc, xdr_arg, arg, xdr_rslt, rslt) - u_long proc; - bool_t (*xdr_arg)(); - char *arg; - bool_t (*xdr_rslt)(); - char *rslt; -{ - XDR xdrargs; - XDR xdrrslt; - FILE *fargs; - FILE *frslt; - int (*osigchild)(); - union wait status; - int pid; - int success; - int ruid; - int euid; - static char MESSENGER[] = "/usr/etc/keyenvoy"; - - success = 1; - osigchild = signal(SIGCHLD, SIG_IGN); - - /* - * We are going to exec a set-uid program which makes our effective uid - * zero, and authenticates us with our real uid. We need to make the - * effective uid be the real uid for the setuid program, and - * the real uid be the effective uid so that we can change things back. - */ - euid = geteuid(); - ruid = getuid(); - (void) setreuid(euid, ruid); - pid = _openchild(MESSENGER, &fargs, &frslt); - (void) setreuid(ruid, euid); - if (pid < 0) { - debug("open_streams"); - return (0); - } - xdrstdio_create(&xdrargs, fargs, XDR_ENCODE); - xdrstdio_create(&xdrrslt, frslt, XDR_DECODE); - - if (!xdr_u_long(&xdrargs, &proc) || !(*xdr_arg)(&xdrargs, arg)) { - debug("xdr args"); - success = 0; - } - (void) fclose(fargs); - - if (success && !(*xdr_rslt)(&xdrrslt, rslt)) { - debug("xdr rslt"); - success = 0; - } - -#ifdef NOTDEF - /* - * WARNING! XXX - * The original code appears first. wait4 returns only after the process - * with the requested pid terminates. The effect of using wait() instead - * has not been determined. - */ - (void) fclose(frslt); - if (wait4(pid, &status, 0, NULL) < 0 || status.w_retcode != 0) { - debug("wait4"); - success = 0; - } -#endif /* def NOTDEF */ - if (wait(&status) < 0 || status.w_retcode != 0) { - debug("wait"); - success = 0; - } - (void)signal(SIGCHLD, osigchild); - - return (success); -} - diff --git a/lib/librpc/secure_rpc/rpc/key_prot.c b/lib/librpc/secure_rpc/rpc/key_prot.c deleted file mode 100644 index a93f543..0000000 --- a/lib/librpc/secure_rpc/rpc/key_prot.c +++ /dev/null @@ -1,165 +0,0 @@ -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)key_prot.c 2.1 88/08/07 4.0 RPCSRC; from 1.4 88/02/08 SMI"; -#endif - -/* - * Copyright (c) 1988 by Sun Microsystems, Inc. - */ -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ -#include <rpc/rpc.h> -#include <rpc/key_prot.h> - - -/* - * Compiled from key_prot.x using rpcgen. - * DO NOT EDIT THIS FILE! - * This is NOT source code! - */ - - -bool_t -xdr_keystatus(xdrs, objp) - XDR *xdrs; - keystatus *objp; -{ - if (!xdr_enum(xdrs, (enum_t *)objp)) { - return (FALSE); - } - return (TRUE); -} - - - - -bool_t -xdr_keybuf(xdrs, objp) - XDR *xdrs; - keybuf objp; -{ - if (!xdr_opaque(xdrs, objp, HEXKEYBYTES)) { - return (FALSE); - } - return (TRUE); -} - - - - -bool_t -xdr_netnamestr(xdrs, objp) - XDR *xdrs; - netnamestr *objp; -{ - if (!xdr_string(xdrs, objp, MAXNETNAMELEN)) { - return (FALSE); - } - return (TRUE); -} - - - - -bool_t -xdr_cryptkeyarg(xdrs, objp) - XDR *xdrs; - cryptkeyarg *objp; -{ - if (!xdr_netnamestr(xdrs, &objp->remotename)) { - return (FALSE); - } - if (!xdr_des_block(xdrs, &objp->deskey)) { - return (FALSE); - } - return (TRUE); -} - - - - -bool_t -xdr_cryptkeyres(xdrs, objp) - XDR *xdrs; - cryptkeyres *objp; -{ - if (!xdr_keystatus(xdrs, &objp->status)) { - return (FALSE); - } - switch (objp->status) { - case KEY_SUCCESS: - if (!xdr_des_block(xdrs, &objp->cryptkeyres_u.deskey)) { - return (FALSE); - } - break; - } - return (TRUE); -} - - - - -bool_t -xdr_unixcred(xdrs, objp) - XDR *xdrs; - unixcred *objp; -{ - if (!xdr_int(xdrs, &objp->uid)) { - return (FALSE); - } - if (!xdr_int(xdrs, &objp->gid)) { - return (FALSE); - } - if (!xdr_array(xdrs, (char **)&objp->gids.gids_val, (u_int *)&objp->gids.gids_len, MAXGIDS, sizeof(int), xdr_int)) { - return (FALSE); - } - return (TRUE); -} - - - - -bool_t -xdr_getcredres(xdrs, objp) - XDR *xdrs; - getcredres *objp; -{ - if (!xdr_keystatus(xdrs, &objp->status)) { - return (FALSE); - } - switch (objp->status) { - case KEY_SUCCESS: - if (!xdr_unixcred(xdrs, &objp->getcredres_u.cred)) { - return (FALSE); - } - break; - } - return (TRUE); -} - - diff --git a/lib/librpc/secure_rpc/rpc/key_prot.h b/lib/librpc/secure_rpc/rpc/key_prot.h deleted file mode 100644 index 277e4b8..0000000 --- a/lib/librpc/secure_rpc/rpc/key_prot.h +++ /dev/null @@ -1,114 +0,0 @@ -/* @(#)key_prot.h 2.1 88/08/07 4.0 RPCSRC; from 1.4 87/03/10 Copyr 1986 Sun Micro */ - -/* - * Copyright (c) 1988 by Sun Microsystems, Inc. - */ -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - - -/* - * Compiled from key_prot.x using rpcgen. - * DO NOT EDIT THIS FILE! - * This is NOT source code! - */ - -#define KEY_PROG 100029 -#define KEY_VERS 1 -#define KEY_SET 1 -#define KEY_ENCRYPT 2 -#define KEY_DECRYPT 3 -#define KEY_GEN 4 -#define KEY_GETCRED 5 - -#define PROOT 3 -#define HEXMODULUS "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b" -#define HEXKEYBYTES 48 -#define KEYSIZE 192 -#define KEYBYTES 24 -#define KEYCHECKSUMSIZE 16 - -enum keystatus { - KEY_SUCCESS = 0, - KEY_NOSECRET = 1, - KEY_UNKNOWN = 2, - KEY_SYSTEMERR = 3, -}; -typedef enum keystatus keystatus; -bool_t xdr_keystatus(); - - -typedef char keybuf[HEXKEYBYTES]; -bool_t xdr_keybuf(); - - -typedef char *netnamestr; -bool_t xdr_netnamestr(); - - -struct cryptkeyarg { - netnamestr remotename; - des_block deskey; -}; -typedef struct cryptkeyarg cryptkeyarg; -bool_t xdr_cryptkeyarg(); - - -struct cryptkeyres { - keystatus status; - union { - des_block deskey; - } cryptkeyres_u; -}; -typedef struct cryptkeyres cryptkeyres; -bool_t xdr_cryptkeyres(); - -#define MAXGIDS 16 - -struct unixcred { - int uid; - int gid; - struct { - u_int gids_len; - int *gids_val; - } gids; -}; -typedef struct unixcred unixcred; -bool_t xdr_unixcred(); - - -struct getcredres { - keystatus status; - union { - unixcred cred; - } getcredres_u; -}; -typedef struct getcredres getcredres; -bool_t xdr_getcredres(); - diff --git a/lib/librpc/secure_rpc/rpc/key_prot.x b/lib/librpc/secure_rpc/rpc/key_prot.x deleted file mode 100644 index 2f6ebdb..0000000 --- a/lib/librpc/secure_rpc/rpc/key_prot.x +++ /dev/null @@ -1,151 +0,0 @@ -%/* @(#)key_prot.x 2.1 88/08/07 4.0 RPCSRC; from 1.7 88/02/08 SMI */ -% -%/* -% * Copyright (c) 1988 by Sun Microsystems, Inc. -% */ -% -%/* -% * Compiled from key_prot.x using rpcgen. -% * DO NOT EDIT THIS FILE! -% * This is NOT source code! -% */ - -/* - * Key server protocol definition - * Copyright (C) 1987 Sun Microsystems, Inc. - * - * The keyserver is a public key storage/encryption/decryption service - * The encryption method used is Diffie-Hellman with 128 bit keys. - * - * The key server is local to each machine, akin to the portmapper. - * Only privileged processes may talk to the key server, so - * user processes must communicate through a privileged dispatcher (such - * as the kernel or a set-uid-root process). - */ -program KEY_PROG { - version KEY_VERS { - /* - * This is my secret key. - * Store it for me. - */ - int - KEY_SET(keybuf) = 1; - - /* - * I want to talk to X. - * Encrypt a conversation key for me. - */ - cryptkeyres - KEY_ENCRYPT(cryptkeyarg) = 2; - - /* - * X just sent me a message. - * Decrypt the conversation key for me. - */ - cryptkeyres - KEY_DECRYPT(cryptkeyarg) = 3; - - /* - * Generate a secure conversation key for me - */ - des_block - KEY_GEN(void) = 4; - - /* - * Get me the uid, gid and group-access-list associated - * with this netname (for kernel which cannot use yp) - */ - getcredres - KEY_GETCRED(netnamestr) = 5; - } = 1; -} = 100029; - - -/* - * PROOT and MODULUS define the way the Diffie-Hellman key is generated. - * - * MODULUS should be chosen as a prime of the form: MODULUS == 2*p + 1, - * where p is also prime. - * - * PROOT satisfies the following two conditions: - * (1) (PROOT ** 2) % MODULUS != 1 - * (2) (PROOT ** p) % MODULUS != 1 - * - */ - -const PROOT = 3; -const HEXMODULUS = "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b"; - -const HEXKEYBYTES = 48; /* HEXKEYBYTES == strlen(HEXMODULUS) */ -const KEYSIZE = 192; /* KEYSIZE == bit length of key */ -const KEYBYTES = 24; /* byte length of key */ - -/* - * The first 16 hex digits of the encrypted secret key are used as - * a checksum in the database. - */ -const KEYCHECKSUMSIZE = 16; - -/* - * status of operation - */ -enum keystatus { - KEY_SUCCESS, /* no problems */ - KEY_NOSECRET, /* no secret key stored */ - KEY_UNKNOWN, /* unknown netname */ - KEY_SYSTEMERR /* system error (out of memory, encryption failure) */ -}; - -/* - * The kernel doesn't use keybuf, so we insure that it - * is ifdef'd out in the output files. The proper way to do - * this is to #ifndef KERNEL it here, and have the kernel build - * use rpcgen, but config doesn't understand rpcgen files so - * it is done this way. - */ -#ifndef RPC_SVC -%#ifndef KERNEL -typedef opaque keybuf[HEXKEYBYTES]; /* store key in hex */ -%#endif -#endif - -typedef string netnamestr<MAXNETNAMELEN>; - -/* - * Argument to ENCRYPT or DECRYPT - */ -struct cryptkeyarg { - netnamestr remotename; - des_block deskey; -}; - -/* - * Result of ENCRYPT or DECRYPT - */ -union cryptkeyres switch (keystatus status) { -case KEY_SUCCESS: - des_block deskey; -default: - void; -}; - -const MAXGIDS = 16; /* max number of gids in gid list */ - -/* - * Unix credential - */ -struct unixcred { - int uid; - int gid; - int gids<MAXGIDS>; -}; - -/* - * Result returned from GETCRED - */ -union getcredres switch (keystatus status) { -case KEY_SUCCESS: - unixcred cred; -default: - void; -}; diff --git a/lib/librpc/secure_rpc/rpc/netname.c b/lib/librpc/secure_rpc/rpc/netname.c deleted file mode 100644 index 21e2491..0000000 --- a/lib/librpc/secure_rpc/rpc/netname.c +++ /dev/null @@ -1,239 +0,0 @@ -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)netname.c 2.2 88/08/10 4.0 RPCSRC; from 1.9 88/02/08 SMI"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - -/* - * Copyright (c) 1988 by Sun Microsystems, Inc. - */ - -/* - * netname utility routines - * convert from unix names to network names and vice-versa - * This module is operating system dependent! - * What we define here will work with any unix system that has adopted - * the sun yp domain architecture. - */ -#include <sys/param.h> -#include <rpc/rpc.h> -#include <ctype.h> - -extern char *sprintf(); -extern char *strncpy(); - -static char OPSYS[] = "unix"; -static char NETID[] = "netid.byname"; - -/* - * Convert network-name into unix credential - */ -netname2user(netname, uidp, gidp, gidlenp, gidlist) - char netname[MAXNETNAMELEN+1]; - int *uidp; - int *gidp; - int *gidlenp; - int *gidlist; -{ - int stat; - char *val; - char *p; - int vallen; - char *domain; - int gidlen; - - stat = yp_get_default_domain(&domain); - if (stat != 0) { - return (0); - } - stat = yp_match(domain, NETID, netname, strlen(netname), &val, &vallen); - if (stat != 0) { - return (0); - } - val[vallen] = 0; - p = val; - *uidp = atois(&p); - if (p == NULL || *p++ != ':') { - free(val); - return (0); - } - *gidp = atois(&p); - if (p == NULL) { - free(val); - return (0); - } - gidlen = 0; - for (gidlen = 0; gidlen < NGROUPS; gidlen++) { - if (*p++ != ',') { - break; - } - gidlist[gidlen] = atois(&p); - if (p == NULL) { - free(val); - return (0); - } - } - *gidlenp = gidlen; - free(val); - return (1); -} - -/* - * Convert network-name to hostname - */ -netname2host(netname, hostname, hostlen) - char netname[MAXNETNAMELEN+1]; - char *hostname; - int hostlen; -{ - int stat; - char *val; - int vallen; - char *domain; - - stat = yp_get_default_domain(&domain); - if (stat != 0) { - return (0); - } - stat = yp_match(domain, NETID, netname, strlen(netname), &val, &vallen); - if (stat != 0) { - return (0); - } - val[vallen] = 0; - if (*val != '0') { - free(val); - return (0); - } - if (val[1] != ':') { - free(val); - return (0); - } - (void) strncpy(hostname, val + 2, hostlen); - free(val); - return (1); -} - - -/* - * Figure out my fully qualified network name - */ -getnetname(name) - char name[MAXNETNAMELEN+1]; -{ - int uid; - - uid = geteuid(); - if (uid == 0) { - return (host2netname(name, (char *) NULL, (char *) NULL)); - } else { - return (user2netname(name, uid, (char *) NULL)); - } -} - - -/* - * Convert unix cred to network-name - */ -user2netname(netname, uid, domain) - char netname[MAXNETNAMELEN + 1]; - int uid; - char *domain; -{ - char *dfltdom; - -#define MAXIPRINT (11) /* max length of printed integer */ - - if (domain == NULL) { - if (yp_get_default_domain(&dfltdom) != 0) { - return (0); - } - domain = dfltdom; - } - if (strlen(domain) + 1 + MAXIPRINT > MAXNETNAMELEN) { - return (0); - } - (void) sprintf(netname, "%s.%d@%s", OPSYS, uid, domain); - return (1); -} - - -/* - * Convert host to network-name - */ -host2netname(netname, host, domain) - char netname[MAXNETNAMELEN + 1]; - char *host; - char *domain; -{ - char *dfltdom; - char hostname[MAXHOSTNAMELEN+1]; - - if (domain == NULL) { - if (yp_get_default_domain(&dfltdom) != 0) { - return (0); - } - domain = dfltdom; - } - if (host == NULL) { - (void) gethostname(hostname, sizeof(hostname)); - host = hostname; - } - if (strlen(domain) + 1 + strlen(host) > MAXNETNAMELEN) { - return (0); - } - (void) sprintf(netname, "%s.%s@%s", OPSYS, host, domain); - return (1); -} - - -static -atois(str) - char **str; -{ - char *p; - int n; - int sign; - - if (**str == '-') { - sign = -1; - (*str)++; - } else { - sign = 1; - } - n = 0; - for (p = *str; isdigit(*p); p++) { - n = (10 * n) + (*p - '0'); - } - if (p == *str) { - *str = NULL; - return (0); - } - *str = p; - return (n * sign); -} diff --git a/lib/librpc/secure_rpc/rpc/openchild.c b/lib/librpc/secure_rpc/rpc/openchild.c deleted file mode 100644 index b30e615..0000000 --- a/lib/librpc/secure_rpc/rpc/openchild.c +++ /dev/null @@ -1,133 +0,0 @@ -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)openchild.c 2.3 88/08/15 4.0 RPCSRC; from 1.7 88/02/08 SMI"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - -/* - * Copyright (c) 1988 by Sun Microsystems, Inc. - */ - -/* - * Open two pipes to a child process, one for reading, one for writing. - * The pipes are accessed by FILE pointers. This is NOT a public - * interface, but for internal use only! - */ -#include <stdio.h> - -extern char *malloc(); -extern char *rindex(); -extern char *sprintf(); - -static char *basename(); -static char SHELL[] = "/bin/sh"; - - -/* - * returns pid, or -1 for failure - */ -_openchild(command, fto, ffrom) - char *command; - FILE **fto; - FILE **ffrom; -{ - int i; - int pid; - int pdto[2]; - int pdfrom[2]; - char *com; - - - if (pipe(pdto) < 0) { - goto error1; - } - if (pipe(pdfrom) < 0) { - goto error2; - } - switch (pid = vfork()) { - case -1: - goto error3; - - case 0: - /* - * child: read from pdto[0], write into pdfrom[1] - */ - (void) close(0); - (void) dup(pdto[0]); - (void) close(1); - (void) dup(pdfrom[1]); - for (i = _rpc_dtablesize() - 1; i >= 3; i--) { - (void) close(i); - } - com = malloc((unsigned) strlen(command) + 6); - if (com == NULL) { - _exit(~0); - } - (void) sprintf(com, "exec %s", command); - execl(SHELL, basename(SHELL), "-c", com, NULL); - _exit(~0); - - default: - /* - * parent: write into pdto[1], read from pdfrom[0] - */ - *fto = fdopen(pdto[1], "w"); - (void) close(pdto[0]); - *ffrom = fdopen(pdfrom[0], "r"); - (void) close(pdfrom[1]); - break; - } - return (pid); - - /* - * error cleanup and return - */ -error3: - (void) close(pdfrom[0]); - (void) close(pdfrom[1]); -error2: - (void) close(pdto[0]); - (void) close(pdto[1]); -error1: - return (-1); -} - -static char * -basename(path) - char *path; -{ - char *p; - - p = rindex(path, '/'); - if (p == NULL) { - return (path); - } else { - return (p + 1); - } -} diff --git a/lib/librpc/secure_rpc/rpc/publickey.c b/lib/librpc/secure_rpc/rpc/publickey.c deleted file mode 100644 index d403b63..0000000 --- a/lib/librpc/secure_rpc/rpc/publickey.c +++ /dev/null @@ -1,129 +0,0 @@ -#ifndef lint -static char sccsid[] = "@(#)publickey.c 2.3 88/08/15 4.0 RPCSRC"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - -/* - * Copyright (c) 1988 by Sun Microsystems, Inc. - * @(#) from SUN 1.3 - */ - -/* - * Public key lookup routines - */ -#include <stdio.h> -#include <pwd.h> -#include <rpc/rpc.h> -#include <rpc/key_prot.h> - - -extern char *index(); -extern char *strcpy(); - -static char PKMAP[] = "publickey.byname"; - -/* - * Get somebody's encrypted secret key from the database, using - * the given passwd to decrypt it. - */ -getsecretkey(netname, secretkey, passwd) - char *netname; - char *secretkey; - char *passwd; -{ - char *domain; - int len; - char *lookup; - int err; - char *p; - - - err = yp_get_default_domain(&domain); - if (err) { - return(0); - } - err = yp_match(domain, PKMAP, netname, strlen(netname), &lookup, &len); - if (err) { - return(0); - } - lookup[len] = 0; - p = index(lookup,':'); - if (p == NULL) { - free(lookup); - return(0); - } - p++; - if (!xdecrypt(p, passwd)) { - free(lookup); - return(0); - } - if (bcmp(p, p + HEXKEYBYTES, KEYCHECKSUMSIZE) != 0) { - secretkey[0] = 0; - free(lookup); - return(1); - } - p[HEXKEYBYTES] = 0; - (void) strcpy(secretkey, p); - free(lookup); - return(1); -} - - - -/* - * Get somebody's public key - */ -getpublickey(netname, publickey) - char *netname; - char *publickey; -{ - char *domain; - int len; - char *lookup; - int err; - char *p; - - err = yp_get_default_domain(&domain); - if (err) { - return(0); - } - err = yp_match(domain, PKMAP, netname, strlen(netname), &lookup, &len); - if (err) { - return(0); - } - p = index(lookup, ':'); - if (p == NULL) { - free(lookup); - return(0); - } - *p = 0; - (void) strcpy(publickey, lookup); - return(1); -} diff --git a/lib/librpc/secure_rpc/rpc/rtime.c b/lib/librpc/secure_rpc/rpc/rtime.c deleted file mode 100644 index 725995c..0000000 --- a/lib/librpc/secure_rpc/rpc/rtime.c +++ /dev/null @@ -1,141 +0,0 @@ -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)rtime.c 2.2 88/08/10 4.0 RPCSRC; from 1.8 88/02/08 SMI"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - -/* - * Copyright (c) 1988 by Sun Microsystems, Inc. - - */ - -/* - * rtime - get time from remote machine - * - * gets time, obtaining value from host - * on the udp/time socket. Since timeserver returns - * with time of day in seconds since Jan 1, 1900, must - * subtract seconds before Jan 1, 1970 to get - * what unix uses. - */ -#include <sys/types.h> -#include <sys/socket.h> -#include <sys/time.h> -#include <sys/errno.h> -#include <netinet/in.h> -#include <stdio.h> - -#define NYEARS (1970 - 1900) -#define TOFFSET (60*60*24*(365*NYEARS + (NYEARS/4))) -extern errno; - -static void do_close(); - -rtime(addrp, timep, timeout) - struct sockaddr_in *addrp; - struct timeval *timep; - struct timeval *timeout; -{ - int s; - fd_set readfds; - int res; - unsigned long thetime; - struct sockaddr_in from; - int fromlen; - int type; - - if (timeout == NULL) { - type = SOCK_STREAM; - } else { - type = SOCK_DGRAM; - } - s = socket(AF_INET, type, 0); - if (s < 0) { - return(-1); - } - addrp->sin_family = AF_INET; - addrp->sin_port = htons(IPPORT_TIMESERVER); - if (type == SOCK_DGRAM) { - res = sendto(s, (char *)&thetime, sizeof(thetime), 0, - (struct sockaddr *)addrp, sizeof(*addrp)); - if (res < 0) { - do_close(s); - return(-1); - } - do { - FD_ZERO(&readfds); - FD_SET(s, &readfds); - res = select(_rpc_dtablesize(), &readfds, (int *)NULL, - (int *)NULL, timeout); - } while (res < 0 && errno == EINTR); - if (res <= 0) { - if (res == 0) { - errno = ETIMEDOUT; - } - do_close(s); - return(-1); - } - fromlen = sizeof(from); - res = recvfrom(s, (char *)&thetime, sizeof(thetime), 0, - (struct sockaddr *)&from, &fromlen); - do_close(s); - if (res < 0) { - return(-1); - } - } else { - if (connect(s, (struct sockaddr *)addrp, sizeof(*addrp)) < 0) { - do_close(s); - return(-1); - } - res = read(s, (char *)&thetime, sizeof(thetime)); - do_close(s); - if (res < 0) { - return(-1); - } - } - if (res != sizeof(thetime)) { - errno = EIO; - return(-1); - } - thetime = ntohl(thetime); - timep->tv_sec = thetime - TOFFSET; - timep->tv_usec = 0; - return(0); -} - -static void -do_close(s) - int s; -{ - int save; - - save = errno; - (void) close(s); - errno = save; -} diff --git a/lib/librpc/secure_rpc/rpc/svc_auth.c b/lib/librpc/secure_rpc/rpc/svc_auth.c deleted file mode 100644 index 7ad47ca..0000000 --- a/lib/librpc/secure_rpc/rpc/svc_auth.c +++ /dev/null @@ -1,116 +0,0 @@ -/* @(#)svc_auth.c 2.4 88/08/15 4.0 RPCSRC */ -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ -#if !defined(lint) && defined(SCCSIDS) -static char sccsid[] = "@(#)svc_auth.c 1.19 87/08/11 Copyr 1984 Sun Micro"; -#endif - -/* - * svc_auth.c, Server-side rpc authenticator interface. - * - * Copyright (C) 1984, Sun Microsystems, Inc. - */ - -#include <rpc/rpc.h> - -/* - * svcauthsw is the bdevsw of server side authentication. - * - * Server side authenticators are called from authenticate by - * using the client auth struct flavor field to index into svcauthsw. - * The server auth flavors must implement a routine that looks - * like: - * - * enum auth_stat - * flavorx_auth(rqst, msg) - * register struct svc_req *rqst; - * register struct rpc_msg *msg; - * - */ - -enum auth_stat _svcauth_null(); /* no authentication */ -enum auth_stat _svcauth_unix(); /* unix style (uid, gids) */ -enum auth_stat _svcauth_short(); /* short hand unix style */ -enum auth_stat _svcauth_des(); /* des style */ - -static struct { - enum auth_stat (*authenticator)(); -} svcauthsw[] = { - _svcauth_null, /* AUTH_NULL */ - _svcauth_unix, /* AUTH_UNIX */ - _svcauth_short, /* AUTH_SHORT */ - _svcauth_des /* AUTH_DES */ -}; -#define AUTH_MAX 3 /* HIGHEST AUTH NUMBER */ - - -/* - * The call rpc message, msg has been obtained from the wire. The msg contains - * the raw form of credentials and verifiers. authenticate returns AUTH_OK - * if the msg is successfully authenticated. If AUTH_OK then the routine also - * does the following things: - * set rqst->rq_xprt->verf to the appropriate response verifier; - * sets rqst->rq_client_cred to the "cooked" form of the credentials. - * - * NB: rqst->rq_cxprt->verf must be pre-alloctaed; - * its length is set appropriately. - * - * The caller still owns and is responsible for msg->u.cmb.cred and - * msg->u.cmb.verf. The authentication system retains ownership of - * rqst->rq_client_cred, the cooked credentials. - * - * There is an assumption that any flavour less than AUTH_NULL is - * invalid. - */ -enum auth_stat -_authenticate(rqst, msg) - register struct svc_req *rqst; - struct rpc_msg *msg; -{ - register int cred_flavor; - - rqst->rq_cred = msg->rm_call.cb_cred; - rqst->rq_xprt->xp_verf.oa_flavor = _null_auth.oa_flavor; - rqst->rq_xprt->xp_verf.oa_length = 0; - cred_flavor = rqst->rq_cred.oa_flavor; - if ((cred_flavor <= AUTH_MAX) && (cred_flavor >= AUTH_NULL)) { - return ((*(svcauthsw[cred_flavor].authenticator))(rqst, msg)); - } - - return (AUTH_REJECTEDCRED); -} - -enum auth_stat -_svcauth_null(/*rqst, msg*/) - /*struct svc_req *rqst; - struct rpc_msg *msg;*/ -{ - - return (AUTH_OK); -} diff --git a/lib/librpc/secure_rpc/rpc/svcauth_des.c b/lib/librpc/secure_rpc/rpc/svcauth_des.c deleted file mode 100644 index 0129bef..0000000 --- a/lib/librpc/secure_rpc/rpc/svcauth_des.c +++ /dev/null @@ -1,519 +0,0 @@ -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)svcauth_des.c 2.3 89/07/11 4.0 RPCSRC; from 1.15 88/02/08 SMI"; -#endif - -/* - * Copyright (c) 1988 by Sun Microsystems, Inc. - */ - -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - -/* - * svcauth_des.c, server-side des authentication - * - * We insure for the service the following: - * (1) The timestamp microseconds do not exceed 1 million. - * (2) The timestamp plus the window is less than the current time. - * (3) The timestamp is not less than the one previously - * seen in the current session. - * - * It is up to the server to determine if the window size is - * too small . - * - */ - -#include <des_crypt.h> -#include <sys/param.h> -#include <netinet/in.h> -#include <rpc/types.h> -#include <rpc/xdr.h> -#include <rpc/auth.h> -#include <rpc/auth_des.h> -#include <rpc/svc_auth.h> -#include <rpc/svc.h> -#include <rpc/rpc_msg.h> - - -#define debug(msg) /*printf("svcauth_des: %s\n", msg)*/ - -extern char *strcpy(); - -#define USEC_PER_SEC ((u_long) 1000000L) -#define BEFORE(t1, t2) timercmp(t1, t2, <) - -/* - * LRU cache of conversation keys and some other useful items. - */ -#define AUTHDES_CACHESZ 64 -struct cache_entry { - des_block key; /* conversation key */ - char *rname; /* client's name */ - u_int window; /* credential lifetime window */ - struct timeval laststamp; /* detect replays of creds */ - char *localcred; /* generic local credential */ -}; -static struct cache_entry *authdes_cache/* [AUTHDES_CACHESZ] */; -static short *authdes_lru/* [AUTHDES_CACHESZ] */; - -static void cache_init(); /* initialize the cache */ -static short cache_spot(); /* find an entry in the cache */ -static void cache_ref(/*short sid*/); /* note that sid was ref'd */ - -static void invalidate(); /* invalidate entry in cache */ - -/* - * cache statistics - */ -struct { - u_long ncachehits; /* times cache hit, and is not replay */ - u_long ncachereplays; /* times cache hit, and is replay */ - u_long ncachemisses; /* times cache missed */ -} svcauthdes_stats; - -/* - * Service side authenticator for AUTH_DES - */ -enum auth_stat -_svcauth_des(rqst, msg) - register struct svc_req *rqst; - register struct rpc_msg *msg; -{ - - register long *ixdr; - des_block cryptbuf[2]; - register struct authdes_cred *cred; - struct authdes_verf verf; - int status; - register struct cache_entry *entry; - short sid; - des_block *sessionkey; - des_block ivec; - u_int window; - struct timeval timestamp; - u_long namelen; - struct area { - struct authdes_cred area_cred; - char area_netname[MAXNETNAMELEN+1]; - } *area; - - if (authdes_cache == NULL) { - cache_init(); - } - - area = (struct area *)rqst->rq_clntcred; - cred = (struct authdes_cred *)&area->area_cred; - - /* - * Get the credential - */ - ixdr = (long *)msg->rm_call.cb_cred.oa_base; - cred->adc_namekind = IXDR_GET_ENUM(ixdr, enum authdes_namekind); - switch (cred->adc_namekind) { - case ADN_FULLNAME: - namelen = IXDR_GET_U_LONG(ixdr); - if (namelen > MAXNETNAMELEN) { - return (AUTH_BADCRED); - } - cred->adc_fullname.name = area->area_netname; - bcopy((char *)ixdr, cred->adc_fullname.name, - (u_int)namelen); - cred->adc_fullname.name[namelen] = 0; - ixdr += (RNDUP(namelen) / BYTES_PER_XDR_UNIT); - cred->adc_fullname.key.key.high = (u_long)*ixdr++; - cred->adc_fullname.key.key.low = (u_long)*ixdr++; - cred->adc_fullname.window = (u_long)*ixdr++; - break; - case ADN_NICKNAME: - cred->adc_nickname = (u_long)*ixdr++; - break; - default: - return (AUTH_BADCRED); - } - - /* - * Get the verifier - */ - ixdr = (long *)msg->rm_call.cb_verf.oa_base; - verf.adv_xtimestamp.key.high = (u_long)*ixdr++; - verf.adv_xtimestamp.key.low = (u_long)*ixdr++; - verf.adv_int_u = (u_long)*ixdr++; - - - /* - * Get the conversation key - */ - if (cred->adc_namekind == ADN_FULLNAME) { - sessionkey = &cred->adc_fullname.key; - if (key_decryptsession(cred->adc_fullname.name, - sessionkey) < 0) { - debug("decryptsessionkey"); - return (AUTH_BADCRED); /* key not found */ - } - } else { /* ADN_NICKNAME */ - sid = (short)cred->adc_nickname; - if (sid >= AUTHDES_CACHESZ) { - debug("bad nickname"); - return (AUTH_BADCRED); /* garbled credential */ - } - sessionkey = &authdes_cache[sid].key; - } - - - /* - * Decrypt the timestamp - */ - cryptbuf[0] = verf.adv_xtimestamp; - if (cred->adc_namekind == ADN_FULLNAME) { - cryptbuf[1].key.high = cred->adc_fullname.window; - cryptbuf[1].key.low = verf.adv_winverf; - ivec.key.high = ivec.key.low = 0; - status = cbc_crypt((char *)sessionkey, (char *)cryptbuf, - 2*sizeof(des_block), DES_DECRYPT | DES_HW, - (char *)&ivec); - } else { - status = ecb_crypt((char *)sessionkey, (char *)cryptbuf, - sizeof(des_block), DES_DECRYPT | DES_HW); - } - if (DES_FAILED(status)) { - debug("decryption failure"); - return (AUTH_FAILED); /* system error */ - } - - /* - * XDR the decrypted timestamp - */ - ixdr = (long *)cryptbuf; - timestamp.tv_sec = IXDR_GET_LONG(ixdr); - timestamp.tv_usec = IXDR_GET_LONG(ixdr); - - /* - * Check for valid credentials and verifiers. - * They could be invalid because the key was flushed - * out of the cache, and so a new session should begin. - * Be sure and send AUTH_REJECTED{CRED, VERF} if this is the case. - */ - { - struct timeval current; - int nick; - int winverf; - - if (cred->adc_namekind == ADN_FULLNAME) { - window = IXDR_GET_U_LONG(ixdr); - winverf = IXDR_GET_U_LONG(ixdr); - if (winverf != window - 1) { - debug("window verifier mismatch"); - return (AUTH_BADCRED); /* garbled credential */ - } - sid = cache_spot(sessionkey, cred->adc_fullname.name, - ×tamp); - if (sid < 0) { - debug("replayed credential"); - return (AUTH_REJECTEDCRED); /* replay */ - } - nick = 0; - } else { /* ADN_NICKNAME */ - window = authdes_cache[sid].window; - nick = 1; - } - - if ((u_long)timestamp.tv_usec >= USEC_PER_SEC) { - debug("invalid usecs"); - /* cached out (bad key), or garbled verifier */ - return (nick ? AUTH_REJECTEDVERF : AUTH_BADVERF); - } - if (nick && BEFORE(×tamp, - &authdes_cache[sid].laststamp)) { - debug("timestamp before last seen"); - return (AUTH_REJECTEDVERF); /* replay */ - } - (void) gettimeofday(¤t, (struct timezone *)NULL); - current.tv_sec -= window; /* allow for expiration */ - if (!BEFORE(¤t, ×tamp)) { - debug("timestamp expired"); - /* replay, or garbled credential */ - return (nick ? AUTH_REJECTEDVERF : AUTH_BADCRED); - } - } - - /* - * Set up the reply verifier - */ - verf.adv_nickname = (u_long)sid; - - /* - * xdr the timestamp before encrypting - */ - ixdr = (long *)cryptbuf; - IXDR_PUT_LONG(ixdr, timestamp.tv_sec - 1); - IXDR_PUT_LONG(ixdr, timestamp.tv_usec); - - /* - * encrypt the timestamp - */ - status = ecb_crypt((char *)sessionkey, (char *)cryptbuf, - sizeof(des_block), DES_ENCRYPT | DES_HW); - if (DES_FAILED(status)) { - debug("encryption failure"); - return (AUTH_FAILED); /* system error */ - } - verf.adv_xtimestamp = cryptbuf[0]; - - /* - * Serialize the reply verifier, and update rqst - */ - ixdr = (long *)msg->rm_call.cb_verf.oa_base; - *ixdr++ = (long)verf.adv_xtimestamp.key.high; - *ixdr++ = (long)verf.adv_xtimestamp.key.low; - *ixdr++ = (long)verf.adv_int_u; - - rqst->rq_xprt->xp_verf.oa_flavor = AUTH_DES; - rqst->rq_xprt->xp_verf.oa_base = msg->rm_call.cb_verf.oa_base; - rqst->rq_xprt->xp_verf.oa_length = - (char *)ixdr - msg->rm_call.cb_verf.oa_base; - - /* - * We succeeded, commit the data to the cache now and - * finish cooking the credential. - */ - entry = &authdes_cache[sid]; - entry->laststamp = timestamp; - cache_ref(sid); - if (cred->adc_namekind == ADN_FULLNAME) { - cred->adc_fullname.window = window; - cred->adc_nickname = (u_long)sid; /* save nickname */ - if (entry->rname != NULL) { - mem_free(entry->rname, strlen(entry->rname) + 1); - } - entry->rname = mem_alloc((u_int)strlen(cred->adc_fullname.name) - + 1); - if (entry->rname != NULL) { - (void) strcpy(entry->rname, cred->adc_fullname.name); - } else { - debug("out of memory"); - } - entry->key = *sessionkey; - entry->window = window; - invalidate(entry->localcred); /* mark any cached cred invalid */ - } else { /* ADN_NICKNAME */ - /* - * nicknames are cooked into fullnames - */ - cred->adc_namekind = ADN_FULLNAME; - cred->adc_fullname.name = entry->rname; - cred->adc_fullname.key = entry->key; - cred->adc_fullname.window = entry->window; - } - return (AUTH_OK); /* we made it!*/ -} - - -/* - * Initialize the cache - */ -static void -cache_init() -{ - register int i; - - authdes_cache = (struct cache_entry *) - mem_alloc(sizeof(struct cache_entry) * AUTHDES_CACHESZ); - bzero((char *)authdes_cache, - sizeof(struct cache_entry) * AUTHDES_CACHESZ); - - authdes_lru = (short *)mem_alloc(sizeof(short) * AUTHDES_CACHESZ); - /* - * Initialize the lru list - */ - for (i = 0; i < AUTHDES_CACHESZ; i++) { - authdes_lru[i] = i; - } -} - - -/* - * Find the lru victim - */ -static short -cache_victim() -{ - return (authdes_lru[AUTHDES_CACHESZ-1]); -} - -/* - * Note that sid was referenced - */ -static void -cache_ref(sid) - register short sid; -{ - register int i; - register short curr; - register short prev; - - prev = authdes_lru[0]; - authdes_lru[0] = sid; - for (i = 1; prev != sid; i++) { - curr = authdes_lru[i]; - authdes_lru[i] = prev; - prev = curr; - } -} - - -/* - * Find a spot in the cache for a credential containing - * the items given. Return -1 if a replay is detected, otherwise - * return the spot in the cache. - */ -static short -cache_spot(key, name, timestamp) - register des_block *key; - char *name; - struct timeval *timestamp; -{ - register struct cache_entry *cp; - register int i; - register u_long hi; - - hi = key->key.high; - for (cp = authdes_cache, i = 0; i < AUTHDES_CACHESZ; i++, cp++) { - if (cp->key.key.high == hi && - cp->key.key.low == key->key.low && - cp->rname != NULL && - bcmp(cp->rname, name, strlen(name) + 1) == 0) { - if (BEFORE(timestamp, &cp->laststamp)) { - svcauthdes_stats.ncachereplays++; - return (-1); /* replay */ - } - svcauthdes_stats.ncachehits++; - return (i); /* refresh */ - } - } - svcauthdes_stats.ncachemisses++; - return (cache_victim()); /* new credential */ -} - - -#if (defined(sun) || defined(vax)) -/* - * Local credential handling stuff. - * NOTE: bsd unix dependent. - * Other operating systems should put something else here. - */ -#define UNKNOWN -2 /* grouplen, if cached cred is unknown user */ -#define INVALID -1 /* grouplen, if cache entry is invalid */ - -struct bsdcred { - short uid; /* cached uid */ - short gid; /* cached gid */ - short grouplen; /* length of cached groups */ - short groups[NGROUPS]; /* cached groups */ -}; - -/* - * Map a des credential into a unix cred. - * We cache the credential here so the application does - * not have to make an rpc call every time to interpret - * the credential. - */ -authdes_getucred(adc, uid, gid, grouplen, groups) - struct authdes_cred *adc; - short *uid; - short *gid; - short *grouplen; - register int *groups; -{ - unsigned sid; - register int i; - int i_uid; - int i_gid; - int i_grouplen; - struct bsdcred *cred; - - sid = adc->adc_nickname; - if (sid >= AUTHDES_CACHESZ) { - debug("invalid nickname"); - return (0); - } - cred = (struct bsdcred *)authdes_cache[sid].localcred; - if (cred == NULL) { - cred = (struct bsdcred *)mem_alloc(sizeof(struct bsdcred)); - authdes_cache[sid].localcred = (char *)cred; - cred->grouplen = INVALID; - } - if (cred->grouplen == INVALID) { - /* - * not in cache: lookup - */ - if (!netname2user(adc->adc_fullname.name, &i_uid, &i_gid, - &i_grouplen, groups)) - { - debug("unknown netname"); - cred->grouplen = UNKNOWN; /* mark as lookup up, but not found */ - return (0); - } - debug("missed ucred cache"); - *uid = cred->uid = i_uid; - *gid = cred->gid = i_gid; - *grouplen = cred->grouplen = i_grouplen; - for (i = i_grouplen - 1; i >= 0; i--) { - cred->groups[i] = groups[i]; /* int to short */ - } - return (1); - } else if (cred->grouplen == UNKNOWN) { - /* - * Already lookup up, but no match found - */ - return (0); - } - - /* - * cached credentials - */ - *uid = cred->uid; - *gid = cred->gid; - *grouplen = cred->grouplen; - for (i = cred->grouplen - 1; i >= 0; i--) { - groups[i] = cred->groups[i]; /* short to int */ - } - return (1); -} - -static void -invalidate(cred) - char *cred; -{ - if (cred == NULL) { - return; - } - ((struct bsdcred *)cred)->grouplen = INVALID; -} -#endif - diff --git a/lib/librpc/secure_rpc/rpc/xcrypt.c b/lib/librpc/secure_rpc/rpc/xcrypt.c deleted file mode 100644 index 215fda6..0000000 --- a/lib/librpc/secure_rpc/rpc/xcrypt.c +++ /dev/null @@ -1,183 +0,0 @@ -#ifndef lint -static char sccsid[] = "@(#)xcrypt.c 2.2 88/08/10 4.0 RPCSRC"; -#endif -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ -/* - * Hex encryption/decryption and utility routines - * - * Copyright (C) 1986, Sun Microsystems, Inc. - */ - -#include <stdio.h> -#include <des_crypt.h> - -extern char *malloc(); - -extern char hex[]; /* forward */ -static char hexval(); - -/* - * Encrypt a secret key given passwd - * The secret key is passed and returned in hex notation. - * Its length must be a multiple of 16 hex digits (64 bits). - */ -xencrypt(secret, passwd) - char *secret; - char *passwd; -{ - char key[8]; - char ivec[8]; - char *buf; - int err; - int len; - - len = strlen(secret) / 2; - buf = malloc((unsigned)len); - - hex2bin(len, secret, buf); - passwd2des(passwd, key); - bzero(ivec, 8); - - err = cbc_crypt(key, buf, len, DES_ENCRYPT | DES_HW, ivec); - if (DES_FAILED(err)) { - free(buf); - return (0); - } - bin2hex(len, (unsigned char *) buf, secret); - free(buf); - return (1); -} - -/* - * Decrypt secret key using passwd - * The secret key is passed and returned in hex notation. - * Once again, the length is a multiple of 16 hex digits - */ -xdecrypt(secret, passwd) - char *secret; - char *passwd; -{ - char key[8]; - char ivec[8]; - char *buf; - int err; - int len; - - len = strlen(secret) / 2; - buf = malloc((unsigned)len); - - hex2bin(len, secret, buf); - passwd2des(passwd, key); - bzero(ivec, 8); - - err = cbc_crypt(key, buf, len, DES_DECRYPT | DES_HW, ivec); - if (DES_FAILED(err)) { - free(buf); - return (0); - } - bin2hex(len, (unsigned char *) buf, secret); - free(buf); - return (1); -} - - -/* - * Turn password into DES key - */ -passwd2des(pw, key) - char *pw; - char *key; -{ - int i; - - bzero(key, 8); - for (i = 0; *pw; i = (i+1)%8) { - key[i] ^= *pw++ << 1; - } - des_setparity(key); -} - - - -/* - * Hex to binary conversion - */ -static -hex2bin(len, hexnum, binnum) - int len; - char *hexnum; - char *binnum; -{ - int i; - - for (i = 0; i < len; i++) { - *binnum++ = 16 * hexval(hexnum[2*i]) + hexval(hexnum[2*i+1]); - } -} - -/* - * Binary to hex conversion - */ -static -bin2hex(len, binnum, hexnum) - int len; - unsigned char *binnum; - char *hexnum; -{ - int i; - unsigned val; - - for (i = 0; i < len; i++) { - val = binnum[i]; - hexnum[i*2] = hex[val >> 4]; - hexnum[i*2+1] = hex[val & 0xf]; - } - hexnum[len*2] = 0; -} - -static char hex[16] = { - '0', '1', '2', '3', '4', '5', '6', '7', - '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', -}; - -static char -hexval(c) - char c; -{ - if (c >= '0' && c <= '9') { - return (c - '0'); - } else if (c >= 'a' && c <= 'z') { - return (c - 'a' + 10); - } else if (c >= 'A' && c <= 'Z') { - return (c - 'A' + 10); - } else { - return (-1); - } -} |
