diff options
Diffstat (limited to 'eBones/libexec')
| -rw-r--r-- | eBones/libexec/Makefile | 6 | ||||
| -rw-r--r-- | eBones/libexec/Makefile.inc | 5 | ||||
| -rw-r--r-- | eBones/libexec/kpropd/Makefile | 10 | ||||
| -rw-r--r-- | eBones/libexec/kpropd/kpropd.c | 453 | ||||
| -rw-r--r-- | eBones/libexec/registerd/Makefile | 18 | ||||
| -rw-r--r-- | eBones/libexec/registerd/registerd.8 | 71 | ||||
| -rw-r--r-- | eBones/libexec/registerd/registerd.c | 355 | ||||
| -rw-r--r-- | eBones/libexec/rkinitd/Makefile | 12 | ||||
| -rw-r--r-- | eBones/libexec/rkinitd/krb.c | 388 | ||||
| -rw-r--r-- | eBones/libexec/rkinitd/rkinitd.8 | 42 | ||||
| -rw-r--r-- | eBones/libexec/rkinitd/rkinitd.c | 137 | ||||
| -rw-r--r-- | eBones/libexec/rkinitd/rkinitd.h | 34 | ||||
| -rw-r--r-- | eBones/libexec/rkinitd/rpc.c | 222 | ||||
| -rw-r--r-- | eBones/libexec/rkinitd/util.c | 49 |
14 files changed, 0 insertions, 1802 deletions
diff --git a/eBones/libexec/Makefile b/eBones/libexec/Makefile deleted file mode 100644 index b7193e672228..000000000000 --- a/eBones/libexec/Makefile +++ /dev/null @@ -1,6 +0,0 @@ -# From: @(#)Makefile 5.1 (Berkeley) 6/25/90 -# $Id: Makefile,v 1.1 1995/09/13 17:23:59 markm Exp $ - -SUBDIR= kpropd registerd rkinitd - -.include <bsd.subdir.mk> diff --git a/eBones/libexec/Makefile.inc b/eBones/libexec/Makefile.inc deleted file mode 100644 index d694f9b03653..000000000000 --- a/eBones/libexec/Makefile.inc +++ /dev/null @@ -1,5 +0,0 @@ -# @(#)Makefile.inc 8.1 (Berkeley) 6/4/93 - -BINDIR?= /usr/libexec - -.include "../Makefile.inc" diff --git a/eBones/libexec/kpropd/Makefile b/eBones/libexec/kpropd/Makefile deleted file mode 100644 index 03f4eaa15921..000000000000 --- a/eBones/libexec/kpropd/Makefile +++ /dev/null @@ -1,10 +0,0 @@ -# From: @(#)Makefile 5.1 (Berkeley) 6/25/90 -# $Id$ - -PROG= kpropd -CFLAGS+=-I${.CURDIR}/../../usr.sbin/kprop -DPADD+= ${LIBKRB} ${LIBDES} -LDADD= -L${KRBOBJDIR} -lkrb -L${DESOBJDIR} -ldes -NOMAN= noman - -.include <bsd.prog.mk> diff --git a/eBones/libexec/kpropd/kpropd.c b/eBones/libexec/kpropd/kpropd.c deleted file mode 100644 index 1b232dfc0ded..000000000000 --- a/eBones/libexec/kpropd/kpropd.c +++ /dev/null @@ -1,453 +0,0 @@ -/* - * Copyright 1987 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * MIT.Copyright. - * - * kprop/kpropd have been abandonded by Project Athena (for good reason) - * however they still form the basis for one of the better ways for - * distributing kerberos databases. This version of kpropd has been - * adapted from the MIT distribution to work properly in a 4.4BSD - * environment. - * - * $Revision: 1.1.1.1 $ $Date: 1995/08/03 07:37:19 $ $State: Exp $ - * $Source: /usr/cvs/src/eBones/kpropd/kpropd.c,v $ - * - * Log: kpropd.c,v - * Revision 4.5 92/10/23 15:45:46 tytso Make it possible - * to specify the location of the kdb_util program. - * - * Revision 4.4 91/06/15 03:20:51 probe Fixed <sys/types.h> inclusion - * - * Revision 4.3 89/05/16 15:06:04 wesommer Fix operator precedence stuff. - * Programmer: John Kohl. - * - * Revision 4.2 89/03/23 10:24:00 jtkohl NOENCRYPTION changes - * - * Revision 4.1 89/01/24 20:33:48 root name change - * - * Revision 4.0 89/01/24 18:45:06 wesommer Original version; programmer: - * wesommer auditor: jon - * - * Revision 4.5 88/01/08 18:07:46 jon formatting and rcs header changes */ - -/* - * This program is run on slave servers, to catch updates "pushed" from the - * master kerberos server in a realm. - */ - -#if 0 -#ifndef lint -static char rcsid_kpropd_c[] = -"$Header: /usr/cvs/src/eBones/kpropd/kpropd.c,v 1.1.1.1 1995/08/03 07:37:19 mark Exp $"; -#endif /* lint */ -#endif - -#include <errno.h> -#include <unistd.h> -#include <ctype.h> -#include <sys/types.h> -#include <sys/file.h> -#include <sys/socket.h> -#include <sys/stat.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <netinet/in.h> -#include <arpa/inet.h> -#include <netdb.h> -#include <syslog.h> -#include <krb.h> -#include <krb_db.h> - -#include "kprop.h" - -static char kprop_version[KPROP_PROT_VERSION_LEN] = KPROP_PROT_VERSION; - -int debug = 0; - -int pause_int = 300; /* 5 minutes in seconds */ -unsigned long get_data_checksum(int fd, Key_schedule key_sched); -void recv_auth(int in, int out, int private, - struct sockaddr_in *remote, struct sockaddr_in *local, - AUTH_DAT *ad); -static void SlowDeath(void); -void recv_clear(int in, int out); - /* leave room for private msg overhead */ -static char buf[KPROP_BUFSIZ + 64]; - -static void -usage() -{ - fprintf(stderr, "\nUsage: kpropd [-r realm] [-s srvtab] [-P kdb_util] fname\n"); - exit(2); -} - -void -main(argc, argv) - int argc; - char **argv; -{ - struct sockaddr_in from; - struct sockaddr_in sin; - int s2, fd, n, fdlock; - int from_len; - char local_file[256]; - char local_temp[256]; - struct hostent *hp; - char hostname[256]; - char from_str[128]; - long kerror; - AUTH_DAT auth_dat; - KTEXT_ST ticket; - char my_instance[INST_SZ]; - char my_realm[REALM_SZ]; - char cmd[1024]; - short net_transfer_mode, transfer_mode; - Key_schedule session_sched; - char version[9]; - int c; - extern char *optarg; - extern int optind; - int rflag = 0; - char *srvtab = ""; - char *local_db = DBM_FILE; - char *kdb_util = KPROP_KDB_UTIL; - - if (argv[argc - 1][0] == 'k' && isdigit(argv[argc - 1][1])) { - argc--; /* ttys file hack */ - } - while ((c = getopt(argc, argv, "r:s:d:P:")) != EOF) { - switch (c) { - case 'r': - rflag++; - strcpy(my_realm, optarg); - break; - case 's': - srvtab = optarg; - break; - case 'd': - local_db = optarg; - break; - case 'P': - kdb_util = optarg; - break; - default: - usage(); - break; - } - } - if (optind != argc - 1) - usage(); - - openlog("kpropd", LOG_PID, LOG_AUTH); - - strcpy(local_file, argv[optind]); - strcat(strcpy(local_temp, argv[optind]), ".tmp"); - -#ifdef STANDALONE - - if ((sp = getservbyname("krb_prop", "tcp")) == NULL) { - syslog(LOG_ERR, "tcp/krb_prop: unknown service."); - SlowDeath(); - } - bzero(&sin, sizeof sin); - sin.sin_port = sp->s_port; - sin.sin_family = AF_INET; - - if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { - syslog(LOG_ERR, "socket: %m"); - SlowDeath(); - } - if (bind(s, (struct sockaddr *)&sin, sizeof sin) < 0) { - syslog(LOG_ERR, "bind: %m"); - SlowDeath(); - } - -#endif /* STANDALONE */ - - if (!rflag) { - kerror = krb_get_lrealm(my_realm, 1); - if (kerror != KSUCCESS) { - syslog(LOG_ERR, "can't get local realm. %s", - krb_err_txt[kerror]); - SlowDeath(); - } - } - if (gethostname(my_instance, sizeof(my_instance)) != 0) { - syslog(LOG_ERR, "gethostname: %m"); - SlowDeath(); - } - -#ifdef STANDALONE - listen(s, 5); - for (;;) { - from_len = sizeof from; - if ((s2 = accept(s, (struct sockaddr *)&from, &from_len)) < 0) { - syslog(LOG_ERR, "accept: %m"); - continue; - } -#else /* !STANDALONE */ - - s2 = 0; - from_len = sizeof from; - if (getpeername(0, (struct sockaddr *)&from, &from_len) < 0) { - syslog(LOG_ERR, "getpeername: %m"); - SlowDeath(); - } - -#endif /* !STANDALONE */ - - strcpy(from_str, inet_ntoa(from.sin_addr)); - - if ((hp = gethostbyaddr((char *) &(from.sin_addr.s_addr), - from_len, AF_INET)) == NULL) { - strcpy(hostname, "UNKNOWN"); - } else { - strcpy(hostname, hp->h_name); - } - - syslog(LOG_INFO, "connection from %s, %s", hostname, from_str); - - /* for krb_rd_{priv, safe} */ - n = sizeof sin; - if (getsockname(s2, (struct sockaddr *)&sin, &n) != 0) { - syslog(LOG_ERR, "can't get socketname: %m"); - SlowDeath(); - } - if (n != sizeof(sin)) { - syslog(LOG_ERR, "can't get socketname (length)"); - SlowDeath(); - } - if ((fdlock = open(local_temp, O_WRONLY | O_CREAT, 0600)) < 0) { - syslog(LOG_ERR, "open: %m"); - SlowDeath(); - } - if (flock(fdlock, LOCK_EX | LOCK_NB)) { - syslog(LOG_ERR, "flock: %m"); - SlowDeath(); - } - if ((fd = creat(local_temp, 0600)) < 0) { - syslog(LOG_ERR, "creat: %m"); - SlowDeath(); - } - if ((n = read(s2, buf, sizeof(kprop_version))) - != sizeof(kprop_version)) { - syslog(LOG_ERR, - "can't read protocol version (%d bytes)", n); - SlowDeath(); - } - if (strncmp(buf, kprop_version, sizeof(kprop_version)) != 0) { - syslog(LOG_ERR, "unsupported version %s", buf); - SlowDeath(); - } - if ((n = read(s2, &net_transfer_mode, - sizeof(net_transfer_mode))) - != sizeof(net_transfer_mode)) { - syslog(LOG_ERR, "can't read transfer mode"); - SlowDeath(); - } - transfer_mode = ntohs(net_transfer_mode); - kerror = krb_recvauth(KOPT_DO_MUTUAL, s2, &ticket, - KPROP_SERVICE_NAME, - my_instance, - &from, - &sin, - &auth_dat, - srvtab, - session_sched, - version); - if (kerror != KSUCCESS) { - syslog(LOG_ERR, "%s calling getkdata", - krb_err_txt[kerror]); - SlowDeath(); - } - syslog(LOG_INFO, "connection from %s.%s@%s", - auth_dat.pname, auth_dat.pinst, auth_dat.prealm); - - /* - * AUTHORIZATION is done here. We might want to expand this - * to read an acl file at some point, but allowing for now - * KPROP_SERVICE_NAME.KRB_MASTER@local-realm is fine ... - */ - - if ((strcmp(KPROP_SERVICE_NAME, auth_dat.pname) != 0) || - (strcmp(KRB_MASTER, auth_dat.pinst) != 0) || - (strcmp(my_realm, auth_dat.prealm) != 0)) { - syslog(LOG_NOTICE, "authorization denied"); - SlowDeath(); - } - switch (transfer_mode) { - case KPROP_TRANSFER_PRIVATE: - recv_auth(s2, fd, 1 /* private */ , &from, &sin, &auth_dat); - break; - case KPROP_TRANSFER_SAFE: - recv_auth(s2, fd, 0 /* safe */ , &from, &sin, &auth_dat); - break; - case KPROP_TRANSFER_CLEAR: - recv_clear(s2, fd); - break; - default: - syslog(LOG_ERR, "bad transfer mode %d", transfer_mode); - SlowDeath(); - } - - if (transfer_mode != KPROP_TRANSFER_PRIVATE) { - syslog(LOG_ERR, "non-private transfers not supported\n"); - SlowDeath(); -#ifdef doesnt_work_yet - lseek(fd, (long) 0, L_SET); - if (auth_dat.checksum != get_data_checksum(fd, session_sched)) { - syslog(LOG_ERR, "checksum doesn't match"); - SlowDeath(); - } -#endif - } else { - struct stat st; - fstat(fd, &st); - if (st.st_size != auth_dat.checksum) { - syslog(LOG_ERR, "length doesn't match"); - SlowDeath(); - } - } - close(fd); - close(s2); - - if (rename(local_temp, local_file) < 0) { - syslog(LOG_ERR, "rename: %m"); - SlowDeath(); - } - - if (flock(fdlock, LOCK_UN)) { - syslog(LOG_ERR, "flock (unlock): %m"); - SlowDeath(); - } - close(fdlock); - sprintf(cmd, "%s load %s %s\n", kdb_util, local_file, local_db); - if (system(cmd) != 0) { - syslog(LOG_ERR, "couldn't load database"); - SlowDeath(); - } - -#ifdef STANDALONE - } -#endif - -} - -void -recv_auth(in, out, private, remote, local, ad) - int in, out; - int private; - struct sockaddr_in *remote, *local; - AUTH_DAT *ad; -{ - u_long length; - long kerror; - int n; - MSG_DAT msg_data; - Key_schedule session_sched; - - if (private) -#ifdef NOENCRYPTION - bzero((char *) session_sched, sizeof(session_sched)); -#else - if (key_sched((C_Block *)ad->session, session_sched)) { - syslog(LOG_ERR, "can't make key schedule"); - SlowDeath(); - } -#endif - - while (1) { - n = krb_net_read(in, (char *)&length, sizeof length); - if (n == 0) - break; - if (n < 0) { - syslog(LOG_ERR, "read: %m"); - SlowDeath(); - } - length = ntohl(length); - if (length > sizeof buf) { - syslog(LOG_ERR, "read length %d, bigger than buf %d", - length, sizeof buf); - SlowDeath(); - } - n = krb_net_read(in, buf, length); - if (n < 0) { - syslog(LOG_ERR, "kpropd: read: %m"); - SlowDeath(); - } - if (private) - kerror = krb_rd_priv(buf, n, session_sched, ad->session, - remote, local, &msg_data); - else - kerror = krb_rd_safe(buf, n, (C_Block *)ad->session, - remote, local, &msg_data); - if (kerror != KSUCCESS) { - syslog(LOG_ERR, "%s: %s", - private ? "krb_rd_priv" : "krb_rd_safe", - krb_err_txt[kerror]); - SlowDeath(); - } - if (write(out, msg_data.app_data, msg_data.app_length) != - msg_data.app_length) { - syslog(LOG_ERR, "write: %m"); - SlowDeath(); - } - } -} - -void -recv_clear(in, out) - int in, out; -{ - int n; - - while (1) { - n = read(in, buf, sizeof buf); - if (n == 0) - break; - if (n < 0) { - syslog(LOG_ERR, "read: %m"); - SlowDeath(); - } - if (write(out, buf, n) != n) { - syslog(LOG_ERR, "write: %m"); - SlowDeath(); - } - } -} - -static void -SlowDeath() -{ -#ifdef STANDALONE - sleep(pause_int); -#endif - exit(1); -} - -#ifdef doesnt_work_yet -unsigned long -get_data_checksum(fd, key_sched) - int fd; - Key_schedule key_sched; -{ - unsigned long cksum = 0; - unsigned long cbc_cksum(); - int n; - char buf[BUFSIZ]; - char obuf[8]; - - while (n = read(fd, buf, sizeof buf)) { - if (n < 0) { - syslog(LOG_ERR, "read (in checksum test): %m"); - SlowDeath(); - } -#ifndef NOENCRYPTION - cksum += cbc_cksum(buf, obuf, n, key_sched, key_sched); -#endif - } - return cksum; -} -#endif diff --git a/eBones/libexec/registerd/Makefile b/eBones/libexec/registerd/Makefile deleted file mode 100644 index 3e3c0b0e4e60..000000000000 --- a/eBones/libexec/registerd/Makefile +++ /dev/null @@ -1,18 +0,0 @@ -# -# Copyright (c) 1990 The Regents of the University of California. -# All rights reserved. -# -# %sccs.include.redist.sh -# -# @(#)Makefile 8.1 (Berkeley) 6/1/93 -# -# $Id$ - -PROG= registerd -SRCS= registerd.c -CFLAGS+=-DCRYPT -DKERBEROS -I${.CURDIR}/../../usr.bin/register -DPADD+= ${LIBKDB} ${LIBKRB} ${LIBDES} -LDADD= -L${KDBOBJDIR} -lkdb -L${KRBOBJDIR} -lkrb -L${DESOBJDIR} -ldes -MAN8= registerd.8 - -.include <bsd.prog.mk> diff --git a/eBones/libexec/registerd/registerd.8 b/eBones/libexec/registerd/registerd.8 deleted file mode 100644 index 3fc8e2873140..000000000000 --- a/eBones/libexec/registerd/registerd.8 +++ /dev/null @@ -1,71 +0,0 @@ -.\" Copyright (c) 1990, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)registerd.8 8.2 (Berkeley) 12/11/93 -.\" -.Dd December 11, 1993 -.Dt REGISTERD 8 -.Os -.Sh NAME -.Nm registerd -.Nd Kerberos registration daemon -.Sh SYNOPSIS -.Nm registerd -.Sh DESCRIPTION -Act as a registration agent for a Kerberos domain. -.Sh FILES -.Bl -tag -width /etc/kerberosIV/register_keys -compact -.It Pa /etc/kerberosIV/principal* -Kerberos database -.It Pa /etc/kerberosIV/register_keys/ -directory containing -.Tn DES -keys for trusted hosts -.It Pa .update.keyxx.xx.xx.xx -shared -.Tn DES -key with server -.El -.Sh SEE ALSO -.Xr registerd 8 , -.Xr kerberos 1 -.Sh DIAGNOSTICS -.Dq Already exists , -if the user already exists in the Kerberos database. -.Pp -.Dq Permission Denied , -if the host on which register is being run is untrusted. -.Sh HISTORY -The -.Nm registerd -utility -first appeared in 4.4BSD. - diff --git a/eBones/libexec/registerd/registerd.c b/eBones/libexec/registerd/registerd.c deleted file mode 100644 index 7c749240ae1b..000000000000 --- a/eBones/libexec/registerd/registerd.c +++ /dev/null @@ -1,355 +0,0 @@ -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if 0 -#ifndef lint -static char copyright[] = -"@(#) Copyright (c) 1990, 1993\n\ - The Regents of the University of California. All rights reserved.\n"; -static char sccsid[] = "@(#)registerd.c 8.1 (Berkeley) 6/1/93"; -#endif /* not lint */ -#endif - -#include <sys/types.h> -#include <sys/time.h> -#include <sys/signal.h> -#include <sys/resource.h> -#include <sys/param.h> -#include <sys/file.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <arpa/inet.h> -#include <syslog.h> -#include <des.h> -#include <krb.h> -#include <krb_db.h> -#include <string.h> -#include <stdio.h> -#include <unistd.h> -#include "register_proto.h" -#include "pathnames.h" - -#define KBUFSIZ (sizeof(struct keyfile_data)) -#define RCRYPT 0x00 -#define CLEAR 0x01 - -char *progname, msgbuf[BUFSIZ]; - -void cleanup(void); -void die(int); -void send_packet(char *msg, int flag); -int net_get_principal(char *pname, char *iname, C_Block *keyp); -int do_append(struct sockaddr_in *sinp); - -void -main(argc, argv) - int argc; - char **argv; -{ - static Key_schedule schedule; - static struct rlimit rl = { 0, 0 }; - struct keyfile_data *kfile; - u_char code; - int kf, retval, sval; - struct sockaddr_in sin; - char keyfile[MAXPATHLEN], keybuf[KBUFSIZ]; - - progname = argv[0]; /* for the library routines */ - - openlog("registerd", LOG_PID, LOG_AUTH); - - signal(SIGHUP, SIG_IGN); - signal(SIGINT, SIG_IGN); - signal(SIGTSTP, SIG_IGN); - signal(SIGPIPE, die); - - if (setrlimit(RLIMIT_CORE, &rl) < 0) { - syslog(LOG_ERR, "setrlimit: %m"); - exit(1); - } - - - /* figure out who we are talking to */ - - sval = sizeof(sin); - if (getpeername(0, (struct sockaddr *) &sin, &sval) < 0) { - syslog(LOG_ERR, "getpeername: %m"); - exit(1); - } - - /* get encryption key */ - - (void) sprintf(keyfile, "%s/%s%s", - SERVER_KEYDIR, - KEYFILE_BASE, - inet_ntoa(sin.sin_addr)); - - if ((kf = open(keyfile, O_RDONLY)) < 0) { - syslog(LOG_ERR, - "error opening Kerberos update keyfile (%s): %m", keyfile); - sprintf(msgbuf, - "couldn't open session keyfile for your host"); - send_packet(msgbuf, CLEAR); - exit(1); - } - - if (read(kf, keybuf, KBUFSIZ) != KBUFSIZ) { - syslog(LOG_ERR, "wrong read size of Kerberos update keyfile"); - sprintf(msgbuf, - "couldn't read session key from your host's keyfile"); - send_packet(msgbuf, CLEAR); - exit(1); - } - sprintf(msgbuf, GOTKEY_MSG); - send_packet(msgbuf, CLEAR); - kfile = (struct keyfile_data *) keybuf; - key_sched((C_Block *)kfile->kf_key, schedule); - des_set_key_krb((des_cblock *)kfile->kf_key, schedule); - - /* read the command code byte */ - - if (des_read(0, &code, 1) == 1) { - - switch(code) { - case APPEND_DB: - retval = do_append(&sin); - break; - case ABORT: - cleanup(); - close(0); - exit(0); - default: - retval = KFAILURE; - syslog(LOG_NOTICE, - "invalid command code on db update (0x%x)", - code); - } - - } else { - retval = KFAILURE; - syslog(LOG_ERR, - "couldn't read command code on Kerberos update"); - } - - code = (u_char) retval; - if (code != KSUCCESS) { - sprintf(msgbuf, "%s", krb_err_txt[code]); - send_packet(msgbuf, RCRYPT); - } else { - sprintf(msgbuf, "Update complete."); - send_packet(msgbuf, RCRYPT); - } - cleanup(); - close(0); - exit(0); -} - -#define MAX_PRINCIPAL 10 -static Principal principal_data[MAX_PRINCIPAL]; -static C_Block key, master_key; -static Key_schedule master_key_schedule; - -int -do_append(sinp) - struct sockaddr_in *sinp; -{ - Principal default_princ; - char input_name[ANAME_SZ]; - char input_instance[INST_SZ]; - int j,n, more; - long mkeyversion; - - - - /* get master key from MKEYFILE */ - if (kdb_get_master_key(0, master_key, master_key_schedule) != 0) { - syslog(LOG_ERR, "couldn't get master key"); - return(KFAILURE); - } - - mkeyversion = kdb_verify_master_key(master_key, master_key_schedule, NULL); - if (mkeyversion < 0) { - syslog(LOG_ERR, "couldn't validate master key"); - return(KFAILURE); - } - - n = kerb_get_principal(KERB_DEFAULT_NAME, KERB_DEFAULT_INST, - &default_princ, 1, &more); - - if (n != 1) { - syslog(LOG_ERR, "couldn't get default principal"); - return(KFAILURE); - } - - /* - * get principal name, instance, and password from network. - * convert password to key and store it - */ - - if (net_get_principal(input_name, input_instance, (C_Block *)key) != 0) { - return(KFAILURE); - } - - - j = kerb_get_principal( - input_name, - input_instance, - principal_data, - MAX_PRINCIPAL, - &more - ); - - if (j != 0) { - /* already in database, no update */ - syslog(LOG_NOTICE, - "attempt to add duplicate entry for principal %s.%s", - input_name, input_instance); - return(KDC_PR_N_UNIQUE); - } - - /* - * set up principal's name, instance - */ - - strcpy(principal_data[0].name, input_name); - strcpy(principal_data[0].instance, input_instance); - principal_data[0].old = NULL; - - - /* and the expiration date and version #s */ - - principal_data[0].exp_date = default_princ.exp_date; - strcpy(principal_data[0].exp_date_txt, default_princ.exp_date_txt); - principal_data[0].max_life = default_princ.max_life; - principal_data[0].attributes = default_princ.attributes; - principal_data[0].kdc_key_ver = default_princ.kdc_key_ver; - - - /* and the key */ - - kdb_encrypt_key(key, key, master_key, master_key_schedule, - ENCRYPT); - bcopy(key, &principal_data[0].key_low, 4); - bcopy(((long *) key) + 1, &principal_data[0].key_high,4); - bzero(key, sizeof(key)); - - principal_data[0].key_version = 1; /* 1st entry */ - - /* and write it to the database */ - - if (kerb_put_principal(&principal_data[0], 1)) { - syslog(LOG_INFO, "Kerberos update failure: put_principal failed"); - return(KFAILURE); - } - - syslog(LOG_NOTICE, "Kerberos update: wrote new record for %s.%s from %s", - principal_data[0].name, - principal_data[0].instance, - inet_ntoa(sinp->sin_addr) - ); - - return(KSUCCESS); - -} - -void -send_packet(msg,flag) - char *msg; - int flag; -{ - int len = strlen(msg); - msg[len++] = '\n'; - msg[len] = '\0'; - if (len > sizeof(msgbuf)) { - syslog(LOG_ERR, "send_packet: invalid msg size"); - return; - } - if (flag == RCRYPT) { - if (des_write(0, msg, len) != len) - syslog(LOG_ERR, "couldn't write reply message"); - } else if (flag == CLEAR) { - if (write(0, msg, len) != len) - syslog(LOG_ERR, "couldn't write reply message"); - } else - syslog(LOG_ERR, "send_packet: invalid flag (%d)", flag); - -} - -int -net_get_principal(pname, iname, keyp) - char *pname, *iname; - C_Block *keyp; -{ - int cc; - static char password[255]; - - cc = des_read(0, pname, ANAME_SZ); - if (cc != ANAME_SZ) { - syslog(LOG_ERR, "couldn't get principal name"); - return(-1); - } - - cc = des_read(0, iname, INST_SZ); - if (cc != INST_SZ) { - syslog(LOG_ERR, "couldn't get instance name"); - return(-1); - } - - cc = des_read(0, password, 255); - if (cc != 255) { - syslog(LOG_ERR, "couldn't get password"); - bzero(password, 255); - return(-1); - } - - string_to_key(password, (des_cblock *)*keyp); - bzero(password, 255); - return(0); -} - -void -cleanup() -{ - bzero(master_key, sizeof(master_key)); - bzero(key, sizeof(key)); - bzero(master_key_schedule, sizeof(master_key_schedule)); -} - -void -die(sig) - int sig; -{ - syslog(LOG_ERR, "remote end died (SIGPIPE)"); - cleanup(); - exit(1); -} diff --git a/eBones/libexec/rkinitd/Makefile b/eBones/libexec/rkinitd/Makefile deleted file mode 100644 index 387264416389..000000000000 --- a/eBones/libexec/rkinitd/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -# @(#)Makefile 8.1 (Berkeley) 6/4/93 - -PROG= rkinitd -SRCS= ${RKINITOBJDIR}/rkinit_err.h rkinitd.c util.c rpc.c krb.c -CFLAGS+=-I${KRBOBJDIR} -I${RKINITOBJDIR} -DPADD= ${LIBKRB} ${LIBDES} -LDADD= -L${RKINITOBJDIR} -lrkinit -L${KRBOBJDIR} -lkrb \ - -L${DESOBJDIR} -ldes - -MAN8= rkinitd.8 - -.include <bsd.prog.mk> diff --git a/eBones/libexec/rkinitd/krb.c b/eBones/libexec/rkinitd/krb.c deleted file mode 100644 index 23734db4307d..000000000000 --- a/eBones/libexec/rkinitd/krb.c +++ /dev/null @@ -1,388 +0,0 @@ -/* - * $Id: krb.c,v 1.1 1993/07/29 22:45:19 dglo Exp gibbs $ - * $Source: /usr/src/eBones/rkinitd/RCS/krb.c,v $ - * $Author: dglo $ - * - * This file contains all of the kerberos part of rkinitd. - */ - -#if !defined(lint) && !defined(SABER) && !defined(LOCORE) && defined(RCS_HDRS) -static char *rcsid = "$Id: krb.c,v 1.1 1993/07/29 22:45:19 dglo Exp gibbs $"; -#endif /* lint || SABER || LOCORE || RCS_HDRS */ - -#include <stdio.h> -#include <sys/types.h> -#include <errno.h> -#include <syslog.h> -#include <netinet/in.h> -#include <setjmp.h> -#include <string.h> -#include <unistd.h> -#include <pwd.h> -#include <krb.h> -#include <des.h> - -#include <rkinit.h> -#include <rkinit_private.h> -#include <rkinit_err.h> - -#include "rkinitd.h" - -#define FAILURE (!RKINIT_SUCCESS) - -extern int errno; - -static char errbuf[BUFSIZ]; - -typedef struct { - jmp_buf env; -} rkinitd_intkt_info; - - -#if defined(_AIX) && defined(_IBMR2) - -#include <sys/id.h> - -/* - * The RIOS has bizzarre ideas about changing uids around. They are - * such that the seteuid and setruid calls here fail. For this reason - * we are replacing the seteuid and setruid calls. - * - * The bizzarre ideas are as follows: - * - * The effective ID may be changed only to the current real or - * saved IDs. - * - * The saved uid may be set only if the real and effective - * uids are being set to the same value. - * - * The real uid may be set only if the effective - * uid is being set to the same value. - */ - -#ifdef __STDC__ -static int setruid(uid_t ruid) -#else -static int setruid(ruid) - uid_t ruid; -#endif /* __STDC__ */ -{ - uid_t euid; - - euid = geteuid(); - - if (setuidx(ID_REAL | ID_EFFECTIVE, ruid) == -1) - return (-1); - - return (setuidx(ID_EFFECTIVE, euid)); -} - - -#ifdef __STDC__ -static int seteuid(uid_t euid) -#else -static int seteuid(euid) - uid_t euid; -#endif /* __STDC__ */ -{ - uid_t ruid; - - ruid = getuid(); - - if (setuidx(ID_SAVED | ID_REAL | ID_EFFECTIVE, euid) == -1) - return (-1); - - return (setruid(ruid)); -} - - -#ifdef __STDC__ -static int setreuid(uid_t ruid, uid_t euid) -#else -static int setreuid(ruid, euid) - uid_t ruid; - uid_t euid; -#endif /* __STDC__ */ -{ - if (seteuid(euid) == -1) - return (-1); - - return (setruid(ruid)); -} - - -#ifdef __STDC__ -static int setuid(uid_t uid) -#else -static int setuid(uid) - uid_t uid; -#endif /* __STDC__ */ -{ - return (setreuid(uid, uid)); -} - -#endif /* RIOS */ - - -#ifdef __STDC__ -static void this_phost(char *host, int hostlen) -#else -static void this_phost(host, hostlen) - char *host; - int hostlen; -#endif /* __STDC__ */ -{ - char this_host[MAXHOSTNAMELEN + 1]; - - BCLEAR(this_host); - - if (gethostname(this_host, sizeof(this_host)) < 0) { - sprintf(errbuf, "gethostname: %s", sys_errlist[errno]); - rkinit_errmsg(errbuf); - error(); - exit(1); - } - - strncpy(host, krb_get_phost(this_host), hostlen - 1); -} - -#ifdef __STDC__ -static int decrypt_tkt(char *user, char *instance, char *realm, char *arg, - int (*key_proc)(), KTEXT *cipp) -#else -static int decrypt_tkt(user, instance, realm, arg, key_proc, cipp) - char *user; - char *instance; - char *realm; - char *arg; - int (*key_proc)(); - KTEXT *cipp; -#endif /* __STDC__ */ -{ - MSG_DAT msg_data; /* Message data containing decrypted data */ - KTEXT_ST auth; /* Authenticator */ - AUTH_DAT auth_dat; /* Authentication data */ - KTEXT cip = *cipp; - MSG_DAT scip; - int status = 0; - des_cblock key; - des_key_schedule sched; - char phost[MAXHOSTNAMELEN + 1]; - struct sockaddr_in caddr; /* client internet address */ - struct sockaddr_in saddr; /* server internet address */ - - rkinitd_intkt_info *rii = (rkinitd_intkt_info *)arg; - - u_char enc_data[MAX_KTXT_LEN]; - - SBCLEAR(auth); - SBCLEAR(auth_dat); - SBCLEAR(scip); - BCLEAR(enc_data); - - scip.app_data = enc_data; - - /* - * Exchange with the client our response from the KDC (ticket encrypted - * in user's private key) for the same ticket encrypted in our - * (not yet known) session key. - */ - - rpc_exchange_tkt(cip, &scip); - - /* - * Get the authenticator - */ - - SBCLEAR(auth); - - rpc_getauth(&auth, &caddr, &saddr); - - /* - * Decode authenticator and extract session key. The first zero - * means we don't care what host this comes from. This needs to - * be done with euid of root so that /etc/srvtab can be read. - */ - - BCLEAR(phost); - this_phost(phost, sizeof(phost)); - - /* - * This function has to use longjmp to return to the caller - * because the kerberos library routine that calls it doesn't - * pay attention to the return value it gives. That means that - * if any of these routines failed, the error returned to the client - * would be "password incorrect". - */ - - if ((status = krb_rd_req(&auth, KEY, phost, caddr.sin_addr.s_addr, - &auth_dat, KEYFILE))) { - sprintf(errbuf, "krb_rd_req: %s", krb_err_txt[status]); - rkinit_errmsg(errbuf); - longjmp(rii->env, status); - } - - bcopy(auth_dat.session, key, sizeof(key)); - if (des_key_sched(&key, sched)) { - sprintf(errbuf, "Error in des_key_sched"); - rkinit_errmsg(errbuf); - longjmp(rii->env, RKINIT_DES); - } - - /* Decrypt the data. */ - if ((status = - krb_rd_priv((u_char *)scip.app_data, scip.app_length, - sched, key, &caddr, &saddr, &msg_data)) == KSUCCESS) { - cip->length = msg_data.app_length; - bcopy(msg_data.app_data, cip->dat, msg_data.app_length); - cip->dat[cip->length] = 0; - } - else { - sprintf(errbuf, "krb_rd_priv: %s", krb_err_txt[status]); - rkinit_errmsg(errbuf); - longjmp(rii->env, status); - } - - return(status); -} - -#ifdef __STDC__ -static int validate_user(char *aname, char *inst, char *realm, - char *username, char *errmsg) -#else -static int validate_user(aname, inst, realm, username, errmsg) - char *aname; - char *inst; - char *realm; - char *username; - char *errmsg; -#endif /* __STDC__ */ -{ - struct passwd *pwnam; /* For access_check and uid */ - AUTH_DAT auth_dat; - int kstatus = KSUCCESS; - - SBCLEAR(auth_dat); - - if ((pwnam = getpwnam(username)) == NULL) { - sprintf(errmsg, "%s does not exist on the remote host.", username); - return(FAILURE); - } - - strcpy(auth_dat.pname, aname); - strcpy(auth_dat.pinst, inst); - strcpy(auth_dat.prealm, realm); - - if (seteuid(pwnam->pw_uid) < 0) { - sprintf(errmsg, "Failure setting euid to %d: %s\n", pwnam->pw_uid, - sys_errlist[errno]); - strcpy(errbuf, errmsg); - error(); - return(FAILURE); - } - kstatus = kuserok(&auth_dat, username); - if (seteuid(0) < 0) { - sprintf(errmsg, "Failure setting euid to 0: %s\n", - sys_errlist[errno]); - strcpy(errbuf, errmsg); - error(); - return(FAILURE); - } - - if (kstatus != KSUCCESS) { - sprintf(errmsg, "%s has not allowed you to log in with", username); - if (strlen(auth_dat.pinst)) - sprintf(errmsg, "%s %s.%s", errmsg, auth_dat.pname, - auth_dat.pinst); - else - sprintf(errmsg, "%s %s", errmsg, auth_dat.pname); - sprintf(errmsg, "%s@%s tickets.", errmsg, auth_dat.prealm); - return(FAILURE); - } - - /* - * Set real uid to owner of ticket file. The library takes care - * of making the appropriate change. - */ - if (setruid(pwnam->pw_uid) < 0) { - sprintf(errmsg, "Failure setting ruid to %d: %s\n", pwnam->pw_uid, - sys_errlist[errno]); - strcpy(errbuf, errmsg); - error(); - return(FAILURE); - } - - return(RKINIT_SUCCESS); -} - -#ifdef __STDC__ -int get_tickets(int version) -#else -int get_tickets(version) - int version; -#endif /* __STDC__ */ -{ - rkinit_info info; - AUTH_DAT auth_dat; - - int status; - char errmsg[BUFSIZ]; /* error message for client */ - - rkinitd_intkt_info rii; - - SBCLEAR(info); - SBCLEAR(auth_dat); - BCLEAR(errmsg); - SBCLEAR(rii); - - rpc_get_rkinit_info(&info); - - /* - * The validate_user routine makes sure that the principal in question - * is allowed to log in as username, and if so, does a setuid(localuid). - * If there is an access violation or an error in setting the uid, - * an error is returned and the string errmsg is initialized with - * an error message that will be sent back to the client. - */ - if ((status = validate_user(info.aname, info.inst, info.realm, - info.username, errmsg)) != RKINIT_SUCCESS) { - rpc_send_error(errmsg); - exit(0); - } - else - rpc_send_success(); - - /* - * If the name of a ticket file was specified, set it; otherwise, - * just use the default. - */ - if (strlen(info.tktfilename)) - krb_set_tkt_string(info.tktfilename); - - /* - * Call internal kerberos library routine so that we can supply - * our own ticket decryption routine. - */ - - /* - * We need a setjmp here because krb_get_in_tkt ignores the - * return value of decrypt_tkt. Thus if we want any of its - * return values to reach the client, we have to jump out of - * the routine. - */ - - if (setjmp(rii.env) == 0) { - if ((status = krb_get_in_tkt(info.aname, info.inst, info.realm, - info.sname, info.sinst, info.lifetime, - NULL, decrypt_tkt, (char *)&rii))) { - strcpy(errmsg, krb_err_txt[status]); - rpc_send_error(errmsg); - } - else - rpc_send_success(); - } - else - rpc_send_error(errbuf); - - return(RKINIT_SUCCESS); -} diff --git a/eBones/libexec/rkinitd/rkinitd.8 b/eBones/libexec/rkinitd/rkinitd.8 deleted file mode 100644 index c90f92e5a17d..000000000000 --- a/eBones/libexec/rkinitd/rkinitd.8 +++ /dev/null @@ -1,42 +0,0 @@ -.\" -.\" $Header: /home/ncvs/src/eBones/libexec/rkinitd/rkinitd.8,v 1.2 1995/09/17 07:58:21 markm Exp $ -.\" $Source: /home/ncvs/src/eBones/libexec/rkinitd/rkinitd.8,v $ -.\" $Author: markm $ -.\" -.\" -.TH RKINITD 8 "November 12, 1989" -.UC 4 -.SH NAME -rkinitd \- server for -.I rkinit, -a remote kerberos ticket establishment utility -.SH SYNOPSIS -.B rkinitd -.SH DESCRIPTION -.I rkinitd -is the server for -.I rkinit. -See -.IR rkinit (1) -for information about -.I rkinit. -.I rkinitd -is started from inetd and must be run as root or be installed -setuid(root) as it needs to be able to read /etc/kerberosIV/srvtab and -change its uid to create tickets. - -.I rkinitd -times out in 60 seconds if the transaction is not completed. - -.I rkinitd -must be running on a machine that is registered for rlogin -service; that is, the host must have a srvtab containing an rcmd.<host> -key where <host> is the value returned by the -.IR krb_get_phost (3) -kerberos library call. - -.SH SEE ALSO -rkinit(1), inetd(8), kerberos(1), kerberos(3) - -.SH AUTHOR -Emanuel Jay Berkenbilt (MIT-Project Athena) diff --git a/eBones/libexec/rkinitd/rkinitd.c b/eBones/libexec/rkinitd/rkinitd.c deleted file mode 100644 index 724414977c24..000000000000 --- a/eBones/libexec/rkinitd/rkinitd.c +++ /dev/null @@ -1,137 +0,0 @@ -/* - * $Id: rkinitd.c,v 1.1 1993/12/10 18:54:19 dglo Exp gibbs $ - * $Source: /usr/src/eBones/rkinitd/RCS/rkinitd.c,v $ - * $Author: dglo $ - * - * This is the main source file for rkinit - */ - -#if !defined(lint) && !defined(SABER) && !defined(LOCORE) && defined(RCS_HDRS) -static char *rcsid = "$Id: rkinitd.c,v 1.1 1993/12/10 18:54:19 dglo Exp gibbs $"; -#endif /* lint || SABER || LOCORE || RCS_HDRS */ - -#include <stdio.h> -#include <ctype.h> -#include <errno.h> -#include <sys/types.h> -#include <sys/file.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> -#include <strings.h> -#include <signal.h> -#include <sys/time.h> -#include <pwd.h> -#include <unistd.h> -#include <krb.h> -#include <des.h> -#include <syslog.h> - -#include <rkinit.h> -#include <rkinit_err.h> -#include <rkinit_private.h> - -#include "rkinitd.h" - -extern int errno; - -static int inetd = TRUE; /* True if we were started by inetd */ - -#ifdef __STDC__ -static void usage(void) -#else -static void usage() -#endif /* __STDC__ */ -{ - syslog(LOG_ERR, "rkinitd usage: rkinitd [-notimeout]\n"); - exit(1); -} - -#ifdef __STDC__ -void error(void) -#else -void error() -#endif /* __STDC__ */ -{ - char errbuf[BUFSIZ]; - - strcpy(errbuf, rkinit_errmsg(0)); - if (strlen(errbuf)) { - if (inetd) - syslog(LOG_ERR, "rkinitd: %s", errbuf); - else - fprintf(stderr, "rkinitd: %s\n", errbuf); - } -} - -int -#ifdef __STDC__ -main(int argc, char *argv[]) -#else -main(argc, argv) - int argc; - char *argv[]; -#endif /* __STDC__ */ -{ - int version; /* Version of the transaction */ - - int notimeout = FALSE; /* Should we not timeout? */ - - static char *envinit[1]; /* Empty environment */ - extern char **environ; /* This process's environment */ - - int status = 0; /* General error code */ - - /* - * Clear the environment so that this process does not inherit - * kerberos ticket variable information from the person who started - * the process (if a person started it...). - */ - environ = envinit; - - /* Initialize com_err error table */ - init_rkin_err_tbl(); - -#ifdef DEBUG - /* This only works if the library was compiled with DEBUG defined */ - rki_i_am_server(); -#endif /* DEBUG */ - - /* - * Make sure that we are running as root or can arrange to be - * running as root. We need both to be able to read /etc/srvtab - * and to be able to change uid to create tickets. - */ - - (void) setuid(0); - if (getuid() != 0) { - syslog(LOG_ERR, "rkinitd: not running as root.\n"); - exit(1); - } - - /* Determine whether to time out */ - if (argc == 2) { - if (strcmp(argv[1], "-notimeout")) - usage(); - else - notimeout = TRUE; - } - else if (argc != 1) - usage(); - - inetd = setup_rpc(notimeout); - - if ((status = choose_version(&version) != RKINIT_SUCCESS)) { - error(); - exit(1); - } - - if ((status = get_tickets(version) != RKINIT_SUCCESS)) { - error(); - exit(1); - } - - exit(0); -} - - diff --git a/eBones/libexec/rkinitd/rkinitd.h b/eBones/libexec/rkinitd/rkinitd.h deleted file mode 100644 index 1a65cba24ae3..000000000000 --- a/eBones/libexec/rkinitd/rkinitd.h +++ /dev/null @@ -1,34 +0,0 @@ -/* - * $Id: rkinitd.h,v 1.1 1993/12/10 19:02:10 dglo Exp gibbs $ - * $Source: /usr/src/eBones/rkinitd/RCS/rkinitd.h,v $ - * $Author: dglo $ - * - * This header file contains function declarations for use for rkinitd - */ - -#ifndef __RKINITD_H__ -#define __RKINITD_H__ - -#if !defined(lint) && !defined(SABER) && !defined(LOCORE) && defined(RCS_HDRS) -static char *rcsid_rkinitd_h = "$Id: rkinitd.h,v 1.1 1993/12/10 19:02:10 dglo Exp gibbs $"; -#endif /* lint || SABER || LOCORE || RCS_HDRS */ - -#ifdef __STDC__ -#define RK_PROTO(x) x -#else -#define RK_PROTO(x) () -#endif /* __STDC__ */ - -int get_tickets RK_PROTO((int)); -void error RK_PROTO((void)); -int setup_rpc RK_PROTO((int)) ; -void rpc_exchange_version_info RK_PROTO((int *, int *, int, int)); -void rpc_get_rkinit_info RK_PROTO((rkinit_info *)); -void rpc_send_error RK_PROTO((char *)); -void rpc_send_success RK_PROTO((void)); -void rpc_exchange_tkt RK_PROTO((KTEXT, MSG_DAT *)); -void rpc_getauth RK_PROTO((KTEXT, struct sockaddr_in *, struct sockaddr_in *)); -int choose_version RK_PROTO((int *)); - - -#endif /* __RKINITD_H__ */ diff --git a/eBones/libexec/rkinitd/rpc.c b/eBones/libexec/rkinitd/rpc.c deleted file mode 100644 index 97d4f9f85c4e..000000000000 --- a/eBones/libexec/rkinitd/rpc.c +++ /dev/null @@ -1,222 +0,0 @@ -/* - * $Id: rpc.c,v 1.1 1993/12/10 18:59:29 dglo Exp gibbs $ - * $Source: /usr/src/eBones/rkinitd/RCS/rpc.c,v $ - * $Author: dglo $ - * - * This file contains the network parts of the rkinit server. - */ - -#if !defined(lint) && !defined(SABER) && !defined(LOCORE) && defined(RCS_HDRS) -static char *rcsid = "$Id: rpc.c,v 1.1 1993/12/10 18:59:29 dglo Exp gibbs $"; -#endif /* lint || SABER || LOCORE || RCS_HDRS */ - -#include <stdio.h> -#include <sys/types.h> -#include <netinet/in.h> -#include <sys/time.h> -#include <sys/socket.h> -#include <syslog.h> -#include <signal.h> -#include <errno.h> -#include <string.h> - -#include <rkinit.h> -#include <rkinit_err.h> -#include <rkinit_private.h> - -#include "rkinitd.h" - -#define RKINITD_TIMEOUT 60 - -extern int errno; - -static int in; /* sockets */ -static int out; - -static char errbuf[BUFSIZ]; - -void error(); - -#ifdef __STDC__ -static void timeout(int signal) -#else -static void timeout(signal) - int signal; -#endif /* __STDC__ */ -{ - syslog(LOG_WARNING, "rkinitd timed out.\n"); - exit(1); - - return; -} - -/* - * This function does all the network setup for rkinitd. - * It returns true if we were started from inetd, or false if - * we were started from the commandline. - * It causes the program to exit if there is an error. - */ -#ifdef __STDC__ -int setup_rpc(int notimeout) -#else -int setup_rpc(notimeout) - int notimeout; /* True if we should not timeout */ -#endif /* __STDC__ */ -{ - struct itimerval timer; /* Time structure for timeout */ - - /* For now, support only inetd. */ - in = 0; - out = 1; - - if (! notimeout) { - SBCLEAR(timer); - - /* Set up an itimer structure to send an alarm signal after timeout - seconds. */ - timer.it_interval.tv_sec = RKINITD_TIMEOUT; - timer.it_interval.tv_usec = 0; - timer.it_value = timer.it_interval; - - /* Start the timer. */ - if (setitimer (ITIMER_REAL, &timer, (struct itimerval *)0) < 0) { - sprintf(errbuf, "setitimer: %s", sys_errlist[errno]); - rkinit_errmsg(errbuf); - error(); - exit(1); - } - - signal(SIGALRM, timeout); - } - - return(TRUE); -} - -#ifdef __STDC__ -void rpc_exchange_version_info(int *c_lversion, int *c_hversion, - int s_lversion, int s_hversion) -#else -void rpc_exchange_version_info(c_lversion, c_hversion, s_lversion, s_hversion) - int *c_lversion; - int *c_hversion; - int s_lversion; - int s_hversion; -#endif /* __STDC__ */ -{ - u_char version_info[VERSION_INFO_SIZE]; - u_int32_t length = sizeof(version_info); - - if (rki_get_packet(in, MT_CVERSION, &length, (char *)version_info) != - RKINIT_SUCCESS) { - error(); - exit(1); - } - - *c_lversion = version_info[0]; - *c_hversion = version_info[1]; - - version_info[0] = s_lversion; - version_info[1] = s_hversion; - - if (rki_send_packet(out, MT_SVERSION, length, (char *)version_info) != - RKINIT_SUCCESS) { - error(); - exit(1); - } -} - -#ifdef __STDC__ -void rpc_get_rkinit_info(rkinit_info *info) -#else -void rpc_get_rkinit_info(info) - rkinit_info *info; -#endif /* __STDC__ */ -{ - u_int32_t length = sizeof(rkinit_info); - - if (rki_get_packet(in, MT_RKINIT_INFO, &length, (char *)info)) { - error(); - exit(1); - } - - info->lifetime = ntohl(info->lifetime); -} - -#ifdef __STDC__ -void rpc_send_error(char *errmsg) -#else -void rpc_send_error(errmsg) - char *errmsg; -#endif /* __STDC__ */ -{ - if (rki_send_packet(out, MT_STATUS, strlen(errmsg), errmsg)) { - error(); - exit(1); - } -} - -#ifdef __STDC__ -void rpc_send_success(void) -#else -void rpc_send_success() -#endif /* __STDC__ */ -{ - if (rki_send_packet(out, MT_STATUS, 0, "")) { - error(); - exit(1); - } -} - -#ifdef __STDC__ -void rpc_exchange_tkt(KTEXT cip, MSG_DAT *scip) -#else -void rpc_exchange_tkt(cip, scip) - KTEXT cip; - MSG_DAT *scip; -#endif /* __STDC__ */ -{ - u_int32_t length = MAX_KTXT_LEN; - - if (rki_send_packet(out, MT_SKDC, cip->length, (char *)cip->dat)) { - error(); - exit(1); - } - - if (rki_get_packet(in, MT_CKDC, &length, (char *)scip->app_data)) { - error(); - exit(1); - } - scip->app_length = length; -} - -#ifdef __STDC__ -void rpc_getauth(KTEXT auth, struct sockaddr_in *caddr, - struct sockaddr_in *saddr) -#else -void rpc_getauth(auth, caddr, saddr) - KTEXT auth; - struct sockaddr_in *caddr; - struct sockaddr_in *saddr; -#endif /* __STDC__ */ -{ - int addrlen = sizeof(struct sockaddr_in); - - if (rki_rpc_get_ktext(in, auth, MT_AUTH)) { - error(); - exit(1); - } - - if (getpeername(in, (struct sockaddr *)caddr, &addrlen) < 0) { - sprintf(errbuf, "getpeername: %s", sys_errlist[errno]); - rkinit_errmsg(errbuf); - error(); - exit(1); - } - - if (getsockname(out, (struct sockaddr *)saddr, &addrlen) < 0) { - sprintf(errbuf, "getsockname: %s", sys_errlist[errno]); - rkinit_errmsg(errbuf); - error(); - exit(1); - } -} diff --git a/eBones/libexec/rkinitd/util.c b/eBones/libexec/rkinitd/util.c deleted file mode 100644 index 20812051dc48..000000000000 --- a/eBones/libexec/rkinitd/util.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * $Id: util.c,v 1.1 1993/12/10 18:59:29 dglo Exp gibbs $ - * $Source: /usr/src/eBones/rkinitd/RCS/util.c,v $ - * $Author: dglo $ - * - * This file contains general rkinit server utilities. - */ - -#if !defined(lint) && !defined(SABER) && !defined(LOCORE) && defined(RCS_HDRS) -static char *rcsid = "$Id: util.c,v 1.1 1993/12/10 18:59:29 dglo Exp gibbs $"; -#endif /* lint || SABER || LOCORE || RCS_HDRS */ - -#include <stdio.h> -#include <rkinit.h> -#include <rkinit_err.h> -#include <rkinit_private.h> - -#include "rkinitd.h" - -static char errbuf[BUFSIZ]; - -void rpc_exchange_version_info(); -void error(); - -#ifdef __STDC__ -int choose_version(int *version) -#else -int choose_version(version) - int *version; -#endif /* __STDC__ */ -{ - int c_lversion; /* lowest version number client supports */ - int c_hversion; /* highest version number client supports */ - int status = RKINIT_SUCCESS; - - rpc_exchange_version_info(&c_lversion, &c_hversion, - RKINIT_LVERSION, RKINIT_HVERSION); - - *version = min(RKINIT_HVERSION, c_hversion); - if (*version < max(RKINIT_LVERSION, c_lversion)) { - sprintf(errbuf, - "Can't run version %d client against version %d server.", - c_hversion, RKINIT_HVERSION); - rkinit_errmsg(errbuf); - return(RKINIT_VERSION); - } - - return(status); -} |