From 47593e96dbe3708fe97b5b7be93459025aba405f Mon Sep 17 00:00:00 2001
From: Bill Paul
Date: Wed, 28 May 1997 04:51:09 +0000
Subject: [PATCH] Step three: update librpcsvc for Secure RPC.

Reviewed by: Mark Murray
---
 lib/librpcsvc/Makefile | 27 +++--
 lib/librpcsvc/publickey.c | 172 ++++++++++++++++++++++++++++++++
 lib/librpcsvc/rnusers.c | 68 +++++++++++++
 lib/librpcsvc/rstat.c | 67 +++++++++++++
 lib/librpcsvc/rwall.c | 52 ++++++++++
 lib/librpcsvc/secretkey.c | 85 ++++++++++++++++
 lib/librpcsvc/xcrypt.c | 192 +++++++++++++++++++++++++++++++++++
 lib/librpcsvc/yp_passwd.c | 90 +++++++++++++++++
 lib/librpcsvc/yp_update.c | 204 ++++++++++++++++++++++++++++++++++++++
 9 files changed, 946 insertions(+), 11 deletions(-)
 create mode 100644 lib/librpcsvc/publickey.c
 create mode 100644 lib/librpcsvc/rnusers.c
 create mode 100644 lib/librpcsvc/rstat.c
 create mode 100644 lib/librpcsvc/rwall.c
 create mode 100644 lib/librpcsvc/secretkey.c
 create mode 100644 lib/librpcsvc/xcrypt.c
 create mode 100644 lib/librpcsvc/yp_passwd.c
 create mode 100644 lib/librpcsvc/yp_update.c
diff --git a/lib/librpcsvc/Makefile b/lib/librpcsvc/Makefile
index 4a251c80f8c1..44c238470165 100644
--- a/lib/librpcsvc/Makefile
+++ b/lib/librpcsvc/Makefile
@@ -1,21 +1,27 @@ # from: @(#)Makefile 5.10 (Berkeley) 6/24/90 -# $Id: Makefile,v 1.1 1994/08/07 23:21:08 wollman Exp $ +# $Id: Makefile,v 1.6 1996/08/30 02:02:09 peter Exp $ .PATH: ${DESTDIR}/usr/include/rpcsvc LIB= rpcsvc RPCSRCS= klm_prot.x mount.x nfs_prot.x nlm_prot.x rex.x rnusers.x \ - rquota.x rstat.x rwall.x sm_inter.x spray.x yppasswd.x + rquota.x rstat.x rwall.x sm_inter.x spray.x yppasswd.x ypxfrd.x \ + ypupdate_prot.x -RPCCOM = rpcgen +OTHERSRCS= rnusers.c rstat.c rwall.c yp_passwd.c yp_update.c +SECRPCSRCS= publickey.c secretkey.c xcrypt.c -INCDIRS= -I/usr/include/rpcsvc -CFLAGS+= ${INCDIRS} +RPCCOM = rpcgen -C -SRCS= ${RPCSRCS:R:S/$/_xdr.c/g} +INCDIRS= -I${DESTDIR}/usr/include/rpcsvc -I${DESTDIR}/usr/include -CLEANFILES+= ${SRCS} ${RPCSRCS} +CFLAGS+= -DYP ${INCDIRS} + +GENSRCS= ${RPCSRCS:R:S/$/_xdr.c/g} +SRCS+= ${GENSRCS} ${OTHERSRCS} ${SECRPCSRCS} + +CLEANFILES+= ${GENSRCS} ${RPCSRCS} NOMAN= noman @@ -24,8 +30,7 @@ NOMAN= noman .SUFFIXES: .x _xdr.c .x_xdr.c: - @echo generating $@... - @PWD=`pwd` ; cd ${.CURDIR} ; if cmp -s ${.IMPSRC} ${*F}.x > /dev/null; then :; else cp -f ${.IMPSRC} $$PWD/${*F}.x ; fi - @${RPCCOM} -c ${*F}.x -o ${.TARGET} + ${RPCCOM} -c ${.IMPSRC} -o ${.TARGET} -OBJS+= ${RPCSRCS:R:S/$/_xdr.o/g} +OBJS= ${RPCSRCS:R:S/$/_xdr.o/g} ${SECRPCSRCS:R:S/$/.o/g} \ + ${OTHERSRCS:R:S/$/.o/g} diff --git a/lib/librpcsvc/publickey.c b/lib/librpcsvc/publickey.c new file mode 100644 index 000000000000..e1c34d9b25eb --- /dev/null +++ b/lib/librpcsvc/publickey.c 
@@ -0,0 +1,172 @@
+/*
+ * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
+ * unrestricted use provided that this legend is included on all tape
+ * media and as a part of the software program in whole or part. Users
+ * may copy or modify Sun RPC without charge, but are not authorized
+ * to license or distribute it to anyone else except as part of a product or
+ * program developed by the user or with the express written consent of
+ * Sun Microsystems, Inc.
+ *
+ * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
+ * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
+ *
+ * Sun RPC is provided with no support and without any obligation on the
+ * part of Sun Microsystems, Inc. to assist in its use, correction,
+ * modification or enhancement.
+ *
+ * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
+ * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
+ * OR ANY PART THEREOF.
+ *
+ * In no event will Sun Microsystems, Inc. be liable for any lost revenue
+ * or profits or other special, indirect and consequential damages, even if
+ * Sun has been advised of the possibility of such damages.
+ *
+ * Sun Microsystems, Inc.
+ * 2550 Garcia Avenue
+ * Mountain View, California 94043
+ */
+#if !defined(lint) && defined(SCCSIDS)
+static char sccsid[] = "@(#)publickey.c 1.10 91/03/11 Copyr 1986 Sun Micro";
+#endif
+
+/*
+ * publickey.c
+ * Copyright (C) 1986, Sun Microsystems, Inc.
+ */
+
+/*
+ * Public key lookup routines
+ */
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#define PKFILE "/etc/publickey"
+
+/*
+ * Hack to let ypserv/rpc.nisd use AUTH_DES.
+ */
+int (*__getpublickey_LOCAL)() = 0;
+
+/*
+ * Get somebody's public key
+ */
+int
+__getpublickey_real(netname, publickey)
+ char *netname;
+ char *publickey;
+{
+ char lookup[3 * HEXKEYBYTES];
+ char *p;
+
+ if (publickey == NULL)
+ return (0);
+ if (!getpublicandprivatekey(netname, lookup))
+ return (0);
+ p = strchr(lookup, ':');
+ if (p == NULL) {
+ return (0);
+ }
+ *p = '\0';
+ (void) strncpy(publickey, lookup, HEXKEYBYTES);
+ publickey[HEXKEYBYTES] = '\0';
+ return (1);
+}
+
+/*
+ * reads the file /etc/publickey looking for a + to optionally go to the
+ * yellow pages
+ */
+
+int
+getpublicandprivatekey(key, ret)
+ char *key;
+ char *ret;
+{
+ char buf[1024]; /* big enough */
+ char *res;
+ FILE *fd;
+ char *mkey;
+ char *mval;
+
+ fd = fopen(PKFILE, "r");
+ if (fd == (FILE *) 0)
+ return (0);
+ for (;;) {
+ res = fgets(buf, 1024, fd);
+ if (res == 0) {
+ fclose(fd);
+ return (0);
+ }
+ if (res[0] == '#')
+ continue;
+ else if (res[0] == '+') {
+#ifdef YP
+ char *PKMAP = "publickey.byname";
+ char *lookup;
+ char *domain;
+ int err;
+ int len;
+
+ err = yp_get_default_domain(&domain);
+ if (err) {
+ continue;
+ }
+ lookup = NULL;
+ err = yp_match(domain, PKMAP, key, strlen(key), &lookup, &len);
+ if (err) {
+#ifdef DEBUG
+ fprintf(stderr, "match failed error %d\n", err);
+#endif
+ continue;
+ }
+ lookup[len] = 0;
+ strcpy(ret, lookup);
+ fclose(fd);
+ free(lookup);
+ return (2);
+#else /* YP */
+#ifdef DEBUG
+ fprintf(stderr,
+"Bad record in %s '+' -- NIS not supported in this library copy\n", PKFILE);
+#endif /* DEBUG */
+ continue;
+#endif /* YP */
+ } else {
+ mkey = strtok(buf, "\t ");
+ if (mkey == NULL) {
+ fprintf(stderr,
+ "Bad record in %s -- %s", PKFILE, buf);
+ continue;
+ }
+ mval = strtok((char *)NULL, " \t#\n");
+ if (mval == NULL) {
+ fprintf(stderr,
+ "Bad record in %s val problem - %s", PKFILE, buf);
+ continue;
+ }
+ if (strcmp(mkey, key) == 0) {
+ strcpy(ret, mval);
+ fclose(fd);
+ return (1);
+ }
+ }
+ }
+}
+
+int getpublickey(netname, publickey)
+ char *netname;
+ char *publickey;
+{
+ if (__getpublickey_LOCAL != NULL)
+ return(__getpublickey_LOCAL(netname, publickey));
+ else
+ return(__getpublickey_real(netname, publickey));
+}
diff --git a/lib/librpcsvc/rnusers.c b/lib/librpcsvc/rnusers.c
new file mode 100644
index 000000000000..3a4629fce741
--- /dev/null
+++ b/lib/librpcsvc/rnusers.c
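Review bot: In publickey.c, getpublicandprivatekey() copies a record of unchecked length into `ret` with `strcpy(ret, lookup)` (NIS branch) and `strcpy(ret, mval)` (file branch), while the callers visible in this patch pass a `char lookup[3 * HEXKEYBYTES]` stack buffer. A publickey.byname reply or an /etc/publickey line longer than that overruns the caller's buffer, and the NIS value arrives from the network. Because the signature carries no size, the record should be rejected before each copy: `if (len >= 3 * HEXKEYBYTES) { free(lookup); continue; }` ahead of the first strcpy and `if (strlen(mval) >= 3 * HEXKEYBYTES) continue;` ahead of the second. `lookup[len] = 0` also presumes yp_match() allocated at least len + 1 bytes, which should be confirmed against the YP client code.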
@@ -0,0 +1,68 @@
+/*
+ * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
+ * unrestricted use provided that this legend is included on all tape
+ * media and as a part of the software program in whole or part. Users
+ * may copy or modify Sun RPC without charge, but are not authorized
+ * to license or distribute it to anyone else except as part of a product or
+ * program developed by the user or with the express written consent of
+ * Sun Microsystems, Inc.
+ *
+ * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
+ * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
+ *
+ * Sun RPC is provided with no support and without any obligation on the
+ * part of Sun Microsystems, Inc. to assist in its use, correction,
+ * modification or enhancement.
+ *
+ * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
+ * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
+ * OR ANY PART THEREOF.
+ *
+ * In no event will Sun Microsystems, Inc. be liable for any lost revenue
+ * or profits or other special, indirect and consequential damages, even if
+ * Sun has been advised of the possibility of such damages.
+ *
+ * Sun Microsystems, Inc.
+ * 2550 Garcia Avenue
+ * Mountain View, California 94043
+ */
+#if !defined(lint) && defined(SCCSIDS)
+static char sccsid[] = "@(#)rnusers.c 1.2 91/03/11 TIRPC 1.0; from 1.7 89/03/24 SMI";
+#endif
+
+/*
+ * rnusers.c
+ *
+ * "High" level programmatic interface to rnusers RPC service.
+ *
+ * Copyright (c) 1985 by Sun Microsystems, Inc.
+ */
+
+#include
+#include
+
+int
+rusers(host, up)
+ char *host;
+ struct utmpidlearr *up;
+{
+ return (callrpc(host, RUSERSPROG, RUSERSVERS_IDLE, RUSERSPROC_NAMES,
+ xdr_void, (char *) NULL,
+ xdr_utmpidlearr, (char *) up));
+}
+
+int
+rnusers(host)
+ char *host;
+{
+ int nusers;
+
+ if (callrpc(host, RUSERSPROG, RUSERSVERS_ORIG, RUSERSPROC_NUM,
+ xdr_void, (char *) NULL,
+ xdr_u_long, (char *) &nusers) != 0)
+ return (-1);
+ else
+ return (nusers);
+}
+
diff --git a/lib/librpcsvc/rstat.c b/lib/librpcsvc/rstat.c
new file mode 100644
index 000000000000..6851c75892e7
--- /dev/null
+++ b/lib/librpcsvc/rstat.c
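Review bot: rnusers() decodes the reply with `xdr_u_long` into `int nusers`, so the XDR routine stores an unsigned long through a pointer to int; on any platform where long is wider than int that write runs past the variable on the stack. Declaring it `u_long nusers;` and narrowing in the `return` keeps the decode inside the object. The count is supplied by the remote host, so a large value comes back negative and cannot be told apart from the -1 failure return. A one-line comment above rnusers() stating that contract would help callers.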
@@ -0,0 +1,67 @@
+/*
+ * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
+ * unrestricted use provided that this legend is included on all tape
+ * media and as a part of the software program in whole or part. Users
+ * may copy or modify Sun RPC without charge, but are not authorized
+ * to license or distribute it to anyone else except as part of a product or
+ * program developed by the user or with the express written consent of
+ * Sun Microsystems, Inc.
+ *
+ * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
+ * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
+ *
+ * Sun RPC is provided with no support and without any obligation on the
+ * part of Sun Microsystems, Inc. to assist in its use, correction,
+ * modification or enhancement.
+ *
+ * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
+ * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
+ * OR ANY PART THEREOF.
+ *
+ * In no event will Sun Microsystems, Inc. be liable for any lost revenue
+ * or profits or other special, indirect and consequential damages, even if
+ * Sun has been advised of the possibility of such damages.
+ *
+ * Sun Microsystems, Inc.
+ * 2550 Garcia Avenue
+ * Mountain View, California 94043
+ */
+#if !defined(lint) && defined(SCCSIDS)
+static char sccsid[] = "@(#)rstat.c 1.2 91/03/11 TIRPC 1.0; from 1.6 89/03/24 SMI";
+#endif
+
+/*
+ * Copyright (c) 1985 by Sun Microsystems, Inc.
+ */
+
+/*
+ * "High" level programmatic interface to rstat RPC service.
+ */
+#include
+#include
+
+int
+rstat(host, statp)
+ char *host;
+ struct statstime *statp;
+{
+ return (callrpc(host, RSTATPROG, RSTATVERS_TIME, RSTATPROC_STATS,
+ xdr_void, (char *) NULL,
+ xdr_statstime, (char *) statp));
+}
+
+int
+havedisk(host)
+ char *host;
+{
+ long have;
+
+ if (callrpc(host, RSTATPROG, RSTATVERS_SWTCH, RSTATPROC_HAVEDISK,
+ xdr_void, (char *) NULL,
+ xdr_long, (char *) &have) != 0)
+ return (-1);
+ else
+ return (have);
+}
+
diff --git a/lib/librpcsvc/rwall.c b/lib/librpcsvc/rwall.c
new file mode 100644
index 000000000000..97de86e29add
--- /dev/null
+++ b/lib/librpcsvc/rwall.c
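Review bot: havedisk() returns the server-supplied `long have` through an `int` return type while also using -1 to signal RPC failure, so a reply of -1, or one that narrows to it, looks like an error to the caller. Neither function documents its return contract. I would add `/* Returns callrpc()'s status: 0 on success, nonzero on failure. */` above rstat() and `/* Returns -1 if the RPC fails, otherwise the value the server reported. */` above havedisk().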
@@ -0,0 +1,52 @@
+/*
+ * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
+ * unrestricted use provided that this legend is included on all tape
+ * media and as a part of the software program in whole or part. Users
+ * may copy or modify Sun RPC without charge, but are not authorized
+ * to license or distribute it to anyone else except as part of a product or
+ * program developed by the user or with the express written consent of
+ * Sun Microsystems, Inc.
+ *
+ * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
+ * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
+ *
+ * Sun RPC is provided with no support and without any obligation on the
+ * part of Sun Microsystems, Inc. to assist in its use, correction,
+ * modification or enhancement.
+ *
+ * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
+ * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
+ * OR ANY PART THEREOF.
+ *
+ * In no event will Sun Microsystems, Inc. be liable for any lost revenue
+ * or profits or other special, indirect and consequential damages, even if
+ * Sun has been advised of the possibility of such damages.
+ *
+ * Sun Microsystems, Inc.
+ * 2550 Garcia Avenue
+ * Mountain View, California 94043
+ */
+#if !defined(lint) && defined(SCCSIDS)
+static char sccsid[] = "@(#)rwall.c 1.2 91/03/11 TIRPC 1.0; from 1.3 89/03/24 SMI";
+#endif
+
+/*
+ * Copyright (c) 1985 by Sun Microsystems, Inc.
+ */
+
+/*
+ * "High" level programmatic interface to rwall RPC service.
+ */
+#include
+#include
+
+int
+rwall(host, msg)
+ char *host;
+ char *msg;
+{
+ return (callrpc(host, WALLPROG, WALLVERS, WALLPROC_WALL,
+ xdr_wrapstring, (char *) &msg,
+ xdr_void, (char *) NULL));
+}
diff --git a/lib/librpcsvc/secretkey.c b/lib/librpcsvc/secretkey.c
new file mode 100644
index 000000000000..374372b787d4
--- /dev/null
+++ b/lib/librpcsvc/secretkey.c
@@ -0,0 +1,85 @@
+/*
+ * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
+ * unrestricted use provided that this legend is included on all tape
+ * media and as a part of the software program in whole or part. Users
+ * may copy or modify Sun RPC without charge, but are not authorized
+ * to license or distribute it to anyone else except as part of a product or
+ * program developed by the user or with the express written consent of
+ * Sun Microsystems, Inc.
+ *
+ * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
+ * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
+ *
+ * Sun RPC is provided with no support and without any obligation on the
+ * part of Sun Microsystems, Inc. to assist in its use, correction,
+ * modification or enhancement.
+ *
+ * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
+ * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
+ * OR ANY PART THEREOF.
+ *
+ * In no event will Sun Microsystems, Inc. be liable for any lost revenue
+ * or profits or other special, indirect and consequential damages, even if
+ * Sun has been advised of the possibility of such damages.
+ *
+ * Sun Microsystems, Inc.
+ * 2550 Garcia Avenue
+ * Mountain View, California 94043
+ */
+#if !defined(lint) && defined(SCCSIDS)
+static char sccsid[] = "@(#)secretkey.c 1.8 91/03/11 Copyr 1986 Sun Micro";
+#endif
+
+/*
+ * secretkey.c
+ * Copyright (C) 1986, Sun Microsystems, Inc.
+ */
+
+/*
+ * Secret key lookup routines
+ */
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+extern int xdecrypt __P(( char *, char * ));
+
+/*
+ * Get somebody's encrypted secret key from the database, using the given
+ * passwd to decrypt it.
+ */
+int
+getsecretkey(netname, secretkey, passwd)
+ char *netname;
+ char *secretkey;
+ char *passwd;
+{
+ char lookup[3 * HEXKEYBYTES];
+ char *p;
+
+ if (secretkey == NULL)
+ return (0);
+ if (!getpublicandprivatekey(netname, lookup))
+ return (0);
+ p = strchr(lookup, ':');
+ if (p == NULL) {
+ return (0);
+ }
+ p++;
+ if (!xdecrypt(p, passwd)) {
+ return (0);
+ }
+ if (memcmp(p, p + HEXKEYBYTES, KEYCHECKSUMSIZE) != 0) {
+ secretkey[0] = '\0';
+ return (1);
+ }
+ p[HEXKEYBYTES] = '\0';
+ (void) strncpy(secretkey, p, HEXKEYBYTES);
+ secretkey[HEXKEYBYTES] = '\0';
+ return (1);
+}
diff --git a/lib/librpcsvc/xcrypt.c b/lib/librpcsvc/xcrypt.c
new file mode 100644
index 000000000000..3635bd8259ad
--- /dev/null
+++ b/lib/librpcsvc/xcrypt.c
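Review bot: getsecretkey() never checks the length of the secret field before `memcmp(p, p + HEXKEYBYTES, KEYCHECKSUMSIZE)` and `p[HEXKEYBYTES] = '\0'`, so a short or malformed record makes both touch bytes past the end of the decrypted string. Adding `if (strlen(p) < HEXKEYBYTES + KEYCHECKSUMSIZE) return (0);` before the xdecrypt() call closes that; xdecrypt() in this patch rewrites the string in place, so the bound still holds afterwards. The decrypted key also stays in `lookup` on the stack once the function returns, and a `bzero(lookup, sizeof(lookup));` on each exit path after xdecrypt() would shorten its lifetime. The convention that a return of 1 with an empty `secretkey` means the password was wrong belongs in the header comment, since callers that test only the return value will accept a failed decrypt.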
@@ -0,0 +1,192 @@
+/*
+ * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
+ * unrestricted use provided that this legend is included on all tape
+ * media and as a part of the software program in whole or part. Users
+ * may copy or modify Sun RPC without charge, but are not authorized
+ * to license or distribute it to anyone else except as part of a product or
+ * program developed by the user.
+ *
+ * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
+ * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
+ *
+ * Sun RPC is provided with no support and without any obligation on the
+ * part of Sun Microsystems, Inc. to assist in its use, correction,
+ * modification or enhancement.
+ *
+ * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
+ * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
+ * OR ANY PART THEREOF.
+ *
+ * In no event will Sun Microsystems, Inc. be liable for any lost revenue
+ * or profits or other special, indirect and consequential damages, even if
+ * Sun has been advised of the possibility of such damages.
+ *
+ * Sun Microsystems, Inc.
+ * 2550 Garcia Avenue
+ * Mountain View, California 94043
+ */
+/*
+ * Hex encryption/decryption and utility routines
+ *
+ * Copyright (C) 1986, Sun Microsystems, Inc.
+ */
+
+#include
+#include
+#include
+#include
+#include
+
+#ifndef lint
+/*from: static char sccsid[] = "@(#)xcrypt.c 2.2 88/08/10 4.0 RPCSRC"; */
+static const char rcsid[] = "$Id: xcrypt.c,v 1.1 1996/11/12 02:36:12 wpaul Exp $";
+#endif
+
+static char hex[]; /* forward */
+static char hexval __P(( char ));
+static void bin2hex __P(( int, unsigned char *, char * ));
+static void hex2bin __P(( int, char *, char * ));
+void passwd2des __P(( char *, char * ));
+
+/*
+ * Encrypt a secret key given passwd
+ * The secret key is passed and returned in hex notation.
+ * Its length must be a multiple of 16 hex digits (64 bits).
+ */
+int
+xencrypt(secret, passwd)
+ char *secret;
+ char *passwd;
+{
+ char key[8];
+ char ivec[8];
+ char *buf;
+ int err;
+ int len;
+
+ len = strlen(secret) / 2;
+ buf = malloc((unsigned)len);
+
+ hex2bin(len, secret, buf);
+ passwd2des(passwd, key);
+ bzero(ivec, 8);
+
+ err = cbc_crypt(key, buf, len, DES_ENCRYPT | DES_HW, ivec);
+ if (DES_FAILED(err)) {
+ free(buf);
+ return (0);
+ }
+ bin2hex(len, (unsigned char *) buf, secret);
+ free(buf);
+ return (1);
+}
+
+/*
+ * Decrypt secret key using passwd
+ * The secret key is passed and returned in hex notation.
+ * Once again, the length is a multiple of 16 hex digits
+ */
+int
+xdecrypt(secret, passwd)
+ char *secret;
+ char *passwd;
+{
+ char key[8];
+ char ivec[8];
+ char *buf;
+ int err;
+ int len;
+
+ len = strlen(secret) / 2;
+ buf = malloc((unsigned)len);
+
+ hex2bin(len, secret, buf);
+ passwd2des(passwd, key);
+ bzero(ivec, 8);
+
+ err = cbc_crypt(key, buf, len, DES_DECRYPT | DES_HW, ivec);
+ if (DES_FAILED(err)) {
+ free(buf);
+ return (0);
+ }
+ bin2hex(len, (unsigned char *) buf, secret);
+ free(buf);
+ return (1);
+}
+
+
+/*
+ * Turn password into DES key
+ */
+void
+passwd2des(pw, key)
+ char *pw;
+ char *key;
+{
+ int i;
+
+ bzero(key, 8);
+ for (i = 0; *pw; i = (i+1)%8) {
+ key[i] ^= *pw++ << 1;
+ }
+ des_setparity(key);
+}
+
+
+
+/*
+ * Hex to binary conversion
+ */
+static void
+hex2bin(len, hexnum, binnum)
+ int len;
+ char *hexnum;
+ char *binnum;
+{
+ int i;
+
+ for (i = 0; i < len; i++) {
+ *binnum++ = 16 * hexval(hexnum[2*i]) + hexval(hexnum[2*i+1]);
+ }
+}
+
+/*
+ * Binary to hex conversion
+ */
+static void
+bin2hex(len, binnum, hexnum)
+ int len;
+ unsigned char *binnum;
+ char *hexnum;
+{
+ int i;
+ unsigned val;
+
+ for (i = 0; i < len; i++) {
+ val = binnum[i];
+ hexnum[i*2] = hex[val >> 4];
+ hexnum[i*2+1] = hex[val & 0xf];
+ }
+ hexnum[len*2] = 0;
+}
+
+static char hex[16] = {
+ '0', '1', '2', '3', '4', '5', '6', '7',
+ '8', '9', 'a', 'b', 'c', 'd', 'e', 'f',
+};
+
+static char
+hexval(c)
+ char c;
+{
+ if (c >= '0' && c <= '9') {
+ return (c - '0');
+ } else if (c >= 'a' && c <= 'z') {
+ return (c - 'a' + 10);
+ } else if (c >= 'A' && c <= 'Z') {
+ return (c - 'A' + 10);
+ } else {
+ return (-1);
+ }
+}
diff --git a/lib/librpcsvc/yp_passwd.c b/lib/librpcsvc/yp_passwd.c
new file mode 100644
index 000000000000..253291a63f9a
--- /dev/null
+++ b/lib/librpcsvc/yp_passwd.c
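Review bot: xencrypt() and xdecrypt() hand the result of `malloc((unsigned)len)` straight to hex2bin() without a NULL check; both need `if (buf == NULL) return (0);` right after the allocation. hex2bin() also ignores the -1 that hexval() returns for a non-hex character, and hexval() accepts the whole ranges a–z and A–Z, so malformed input is folded into the cipher bytes instead of being rejected. Having hex2bin() return a status that the two callers check would let them fail cleanly. The derived DES key in `key` and the plaintext in `buf` are left in memory on every return path; clearing both before `free(buf)` is cheap.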
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 1995, 1996
+ * Bill Paul . All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Bill Paul.
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $Id: yp_passwd.c,v 1.1 1996/11/16 20:52:13 wpaul Exp $
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+#ifndef LINT
+static const char rcsid[] = "$Id: yp_passwd.c,v 1.1 1996/11/16 20:52:13 wpaul Exp $";
+#endif
+
+/*
+ * XXX does a typedef that makes 'yppasswd'
+ * a type of struct yppasswd. This leads to a namespace collision:
+ * gcc will not let you have a type called yppasswd and a function
+ * called yppasswd(). In order to get around this, we call the
+ * actual function _yppasswd() and put a macro called yppasswd()
+ * in yppasswd.h which calls the underlying function, thereby
+ * fooling gcc.
+ */
+
+int _yppasswd(oldpass, newpw)
+ char *oldpass;
+ struct x_passwd *newpw;
+{
+ char *server;
+ char *domain;
+ int rval, result;
+ struct yppasswd yppasswd;
+
+ yppasswd.newpw = *newpw;
+ yppasswd.oldpass = oldpass;
+
+ if (yp_get_default_domain(&domain))
+ return (-1);
+
+ if (yp_master(domain, "passwd.byname", &server))
+ return(-1);
+
+ rval = getrpcport(server, YPPASSWDPROG,
+ YPPASSWDPROC_UPDATE, IPPROTO_UDP);
+
+ if (rval == 0 || rval >= IPPORT_RESERVED) {
+ free(server);
+ return(-1);
+ }
+
+ rval = callrpc(server, YPPASSWDPROG, YPPASSWDVERS, YPPASSWDPROC_UPDATE,
+ xdr_yppasswd, (char *)&yppasswd, xdr_int, &result);
+
+ free(server);
+ if (rval || result)
+ return(-1);
+ else
+ return(0);
+}
diff --git a/lib/librpcsvc/yp_update.c b/lib/librpcsvc/yp_update.c
new file mode 100644
index 000000000000..cbaa0fd73433
--- /dev/null
+++ b/lib/librpcsvc/yp_update.c
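Review bot: The `getrpcport()` call in _yppasswd() passes `YPPASSWDPROC_UPDATE` in the position where the later callrpc() passes `YPPASSWDVERS`, so the port lookup asks for a procedure number as if it were a version. It presumably works only because the two constants happen to be equal; the call should read `rval = getrpcport(server, YPPASSWDPROG, YPPASSWDVERS, IPPROTO_UDP);`. The reserved-port test that follows appears to be the only check made on the server before `oldpass` is sent to it, and it carries no comment. I would add `/* Only talk to a yppasswdd bound to a reserved port: the old password goes over the wire. */` above it so nobody removes it as dead validation.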
@@ -0,0 +1,204 @@
+/*
+ * Copyright (c) 1995, 1996
+ * Bill Paul . All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Bill Paul.
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * ypupdate client-side library function.
+ *
+ * Written by Bill Paul
+ * Center for Telecommunications Research
+ * Columbia University, New York City
+ *
+ * $Id: yp_update.c,v 1.1 1996/11/16 20:54:57 wpaul Exp $
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+#ifndef lint
+static const char rcsid[] = "$Id: yp_update.c,v 1.1 1996/11/16 20:54:57 wpaul Exp $";
+#endif
+
+#ifndef WINDOW
+#define WINDOW (60*60)
+#endif
+
+#ifndef TIMEOUT
+#define TIMEOUT 300
+#endif
+
+int
+yp_update(domain, map, ypop, key, keylen, data, datalen)
+ char *domain;
+ char *map;
+ unsigned int ypop;
+ char *key;
+ int keylen;
+ char *data;
+ int datalen;
+{
+ char *master;
+ int rval;
+ unsigned int res;
+ struct ypupdate_args upargs;
+ struct ypdelete_args delargs;
+ CLIENT *clnt;
+ char netname[MAXNETNAMELEN+1];
+ des_block des_key;
+ struct timeval timeout;
+
+ /* Get the master server name for 'domain.' */
+ if ((rval = yp_master(domain, map, &master)))
+ return(rval);
+
+ /* Check that ypupdated is running there. */
+ if (getrpcport(master, YPU_PROG, YPU_VERS, ypop))
+ return(YPERR_DOMAIN);
+
+ /* Get a handle. */
+ if ((clnt = clnt_create(master, YPU_PROG, YPU_VERS, "tcp")) == NULL)
+ return(YPERR_RPC);
+
+ /*
+ * Assemble netname of server.
+ * NOTE: It's difficult to discern from the documentation, but
+ * when you make a Secure RPC call, the netname you pass should
+ * be the netname of the guy on the other side, not your own
+ * netname. This is how the client side knows what public key
+ * to use for the initial exchange. Passing your own netname
+ * only works if the server on the other side is running under
+ * your UID.
+ */
+ if (!host2netname(netname, master, domain)) {
+ clnt_destroy(clnt);
+ return(YPERR_BADARGS);
+ }
+
+ /* Make up a DES session key. */
+ key_gendes(&des_key);
+
+ /* Set up DES authentication. */
+ if ((clnt->cl_auth = (AUTH *)authdes_create(netname, WINDOW, NULL,
+ &des_key)) == NULL) {
+ clnt_destroy(clnt);
+ return(YPERR_RESRC);
+ }
+
+ /* Set a timeout for clnt_call(). */
+ timeout.tv_usec = 0;
+ timeout.tv_sec = TIMEOUT;
+
+ /*
+ * Make the call. Note that we use clnt_call() here rather than
+ * the rpcgen-erated client stubs. We could use those stubs, but
+ * then we'd have to do some gymnastics to get at the error
+ * information to figure out what error code to send back to the
+ * caller. With clnt_call(), we get the error status returned to
+ * us right away, and we only have to exert a small amount of
+ * extra effort.
+ */
+ switch(ypop) {
+ case YPOP_CHANGE:
+ upargs.mapname = map;
+ upargs.key.yp_buf_len = keylen;
+ upargs.key.yp_buf_val = key;
+ upargs.datum.yp_buf_len = datalen;
+ upargs.datum.yp_buf_val = data;
+
+ if ((rval = clnt_call(clnt, YPU_CHANGE, xdr_ypupdate_args,
+ &upargs, xdr_u_int, &res, timeout)) != RPC_SUCCESS) {
+ if (rval == RPC_AUTHERROR)
+ res = YPERR_ACCESS;
+ else
+ res = YPERR_RPC;
+ }
+
+ break;
+ case YPOP_INSERT:
+ upargs.mapname = map;
+ upargs.key.yp_buf_len = keylen;
+ upargs.key.yp_buf_val = key;
+ upargs.datum.yp_buf_len = datalen;
+ upargs.datum.yp_buf_val = data;
+
+ if ((rval = clnt_call(clnt, YPU_INSERT, xdr_ypupdate_args,
+ &upargs, xdr_u_int, &res, timeout)) != RPC_SUCCESS) {
+ if (rval == RPC_AUTHERROR)
+ res = YPERR_ACCESS;
+ else
+ res = YPERR_RPC;
+ }
+
+ break;
+ case YPOP_DELETE:
+ delargs.mapname = map;
+ delargs.key.yp_buf_len = keylen;
+ delargs.key.yp_buf_val = key;
+
+ if ((rval = clnt_call(clnt, YPU_DELETE, xdr_ypdelete_args,
+ &delargs, xdr_u_int, &res, timeout)) != RPC_SUCCESS) {
+ if (rval == RPC_AUTHERROR)
+ res = YPERR_ACCESS;
+ else
+ res = YPERR_RPC;
+ }
+
+ break;
+ case YPOP_STORE:
+ upargs.mapname = map;
+ upargs.key.yp_buf_len = keylen;
+ upargs.key.yp_buf_val = key;
+ upargs.datum.yp_buf_len = datalen;
+ upargs.datum.yp_buf_val = data;
+
+ if ((rval = clnt_call(clnt, YPU_STORE, xdr_ypupdate_args,
+ &upargs, xdr_u_int, &res, timeout)) != RPC_SUCCESS) {
+ if (rval == RPC_AUTHERROR)
+ res = YPERR_ACCESS;
+ else
+ res = YPERR_RPC;
+ }
+
+ break;
+ default:
+ res = YPERR_BADARGS;
+ break;
+ }
+
+ /* All done: tear down the connection. */
+ auth_destroy(clnt->cl_auth);
+ clnt_destroy(clnt);
+ free(master);
+
+ return(res);
+}
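Review bot: The ypupdated check `if (getrpcport(master, YPU_PROG, YPU_VERS, ypop))` in yp_update() is wrong twice: the fourth argument is the operation code where a protocol number belongs, and the test treats a nonzero result as failure although getrpcport() returns the port on success and 0 when nothing is registered. As written it can only pass when the lookup fails, so it never verifies what its comment claims. `key_gendes(&des_key)` is also unchecked, so if key generation fails the DES credential is built from whatever was in `des_key` on the stack. `master` is freed only at the bottom of the function, so every early `return` after yp_master() leaks it. The fence below rewrites the two checks; the remaining early returns need the same `free(master)`.

```c
	/* Check that ypupdated is running there. */
	if (getrpcport(master, YPU_PROG, YPU_VERS, IPPROTO_TCP) == 0) {
		free(master);
		return(YPERR_DOMAIN);
	}

	/* … unchanged: clnt_create, host2netname … */

	/* Make up a DES session key; do not continue with an unset key. */
	if (key_gendes(&des_key) != 0) {
		clnt_destroy(clnt);
		free(master);
		return(YPERR_RESRC);
	}
```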