Commit Graph

11 Commits

Author SHA1 Message Date
Kris Kennaway
6cf217b22c Use arc4random() instead of random() when generating the master key.
MFC after:	1 week
2003-02-18 01:35:58 +00:00
Andrey A. Chernov
bd344e96cf Use sranddev()/srandomdev() for FreeBSD 2003-02-11 01:56:40 +00:00
Alfred Perlstein
af37179b5f Port to TI/RPC and/or IPV6.
Submitted by: Jean-Luc Richier <Jean-Luc.Richier@imag.fr>
2002-07-15 18:51:57 +00:00
Dag-Erling Smørgrav
f249dbcc71 Spell void * as void * rather than caddr_t. This is complicated by the
fact that caddr_t is often misspelled as char *.

Sponsored by:	DARPA, NAI Labs
2002-04-28 15:18:50 +00:00
Alfred Perlstein
98fb650380 Readded the svc_create() and the registering of the local transport,
now it is fixed. This should get us a working keyserv again, since
it depends on local transport for key exchange.

Since we do not have any KEYFILE name hardcoded anymore, set the
umask that way that the keyserver socket can be created with with
the appropriate permissions.

Re-add the accidently removed signal(SIGPIPE, SIG_IGN); to the code
which makes sense to avoid SIGPIPE when a disconnect on rpc socket
occurs.

Submitted by: mbr
2002-02-06 19:15:34 +00:00
Dima Dorfman
7309915e7a Nuke unused variables. 2001-06-24 23:41:57 +00:00
Alfred Perlstein
4ed6d63483 Hopefully fix some of the bugs in passing credentials over UNIX domain sockets.
Make struct cmessage visible from socket.h (about 4 places were
defining it for themselves which wasn't good)

Make __rpc_get_local_uid() useable and give it prototype that's
visible.

Fix some issues with printing out usernames from rpcbind and keyserv.
2001-03-22 04:31:30 +00:00
Alfred Perlstein
8360efbd6c Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and
associated changes that had to happen to make this possible as well as
bugs fixed along the way.

  Bring in required TLI library routines to support this.

  Since we don't support TLI we've essentially copied what NetBSD
  has done, adding a thin layer to emulate direct the TLI calls
  into BSD socket calls.

  This is mostly from Sun's tirpc release that was made in 1994,
  however some fixes were backported from the 1999 release (supposedly
  only made available after this porting effort was underway).

  The submitter has agreed to continue on and bring us up to the
  1999 release.

  Several key features are introduced with this update:
    Client calls are thread safe. (1999 code has server side thread
    safe)
    Updated, a more modern interface.

  Many userland updates were done to bring the code up to par with
  the recent RPC API.

  There is an update to the pthreads library, a function
  pthread_main_np() was added to emulate a function of Sun's threads
  library.

  While we're at it, bring in NetBSD's lockd, it's been far too
  long of a wait.

  New rpcbind(8) replaces portmap(8) (supporting communication over
  an authenticated Unix-domain socket, and by default only allowing
  set and unset requests over that channel). It's much more secure
  than the old portmapper.

  Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
  to support TI-RPC and to support IPV6.

  Umount(8) is also fixed to unmount pathnames longer than 80 chars,
  which are currently truncated by the Kernel statfs structure.

Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
2001-03-19 12:50:13 +00:00
Peter Wemm
97d92980a9 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
Philippe Charnier
ecdf56e7d9 Use err(3). Put includes in alphabetical order.
Rewrote man page in mdoc format.
Document -v and -p flags.
1997-09-23 06:36:27 +00:00
Bill Paul
51251b2b3b Import of the keyserv daemon needed for Secure RPC.
This version supports both the keyserv v1 and v2 protocols. It uses the
new AF_LOCAL transport so that only local processes can use it for
storing/retrieving keys, and it uses the SCM_CREDS kernel hack for
authentication. With these two modifications, we don't need the keyenvoy
program normally used with RPC 4.0.

Note that if libdes.so.3.x is present on the system when keyserv
is started, Secure RPC will run with normal DES encryption. If not,
everything falls back to RC4 with a 40 bit key.
1997-05-28 15:44:22 +00:00