Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/heimdal/appl/rsh/common.c
34878 views
1
/*

2
 * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan

3
 * (Royal Institute of Technology, Stockholm, Sweden).

4
 * All rights reserved.

5
 *

6
 * Redistribution and use in source and binary forms, with or without

7
 * modification, are permitted provided that the following conditions

8
 * are met:

9
 *

10
 * 1. Redistributions of source code must retain the above copyright

11
 *    notice, this list of conditions and the following disclaimer.

12
 *

13
 * 2. Redistributions in binary form must reproduce the above copyright

14
 *    notice, this list of conditions and the following disclaimer in the

15
 *    documentation and/or other materials provided with the distribution.

16
 *

17
 * 3. Neither the name of the Institute nor the names of its contributors

18
 *    may be used to endorse or promote products derived from this software

19
 *    without specific prior written permission.

20
 *

21
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND

22
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

23
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

24
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE

25
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

26
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

27
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

28
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

29
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

30
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

31
 * SUCH DAMAGE.

32
 */

33


34
#include "rsh_locl.h"

35
RCSID("$Id$");

36


37
#if defined(KRB5)

38


39
#ifdef KRB5

40
int key_usage = 1026;

41


42
void *ivec_in[2];

43
void *ivec_out[2];

44


45
void

46
init_ivecs(int client, int have_errsock)

47
{

48
    size_t blocksize;

49


50
    krb5_crypto_getblocksize(context, crypto, &blocksize);

51


52
    ivec_in[0] = malloc(blocksize);

53
    memset(ivec_in[0], client, blocksize);

54


55
    if(have_errsock) {

56
	ivec_in[1] = malloc(blocksize);

57
	memset(ivec_in[1], 2 | client, blocksize);

58
    } else

59
	ivec_in[1] = ivec_in[0];

60


61
    ivec_out[0] = malloc(blocksize);

62
    memset(ivec_out[0], !client, blocksize);

63


64
    if(have_errsock) {

65
	ivec_out[1] = malloc(blocksize);

66
	memset(ivec_out[1], 2 | !client, blocksize);

67
    } else

68
	ivec_out[1] = ivec_out[0];

69
}

70
#endif

71


72


73
ssize_t

74
do_read (int fd, void *buf, size_t sz, void *ivec)

75
{

76
    if (do_encrypt) {

77
#ifdef KRB5

78
        if(auth_method == AUTH_KRB5) {

79
	    krb5_error_code ret;

80
	    uint32_t len, outer_len;

81
	    int status;

82
	    krb5_data data;

83
	    void *edata;

84


85
	    ret = krb5_net_read (context, &fd, &len, 4);

86
	    if (ret <= 0)

87
		return ret;

88
	    len = ntohl(len);

89
	    if (len > sz)

90
		abort ();

91
	    /* ivec will be non null for protocol version 2 */

92
	    if(ivec != NULL)

93
		outer_len = krb5_get_wrapped_length (context, crypto, len + 4);

94
	    else

95
		outer_len = krb5_get_wrapped_length (context, crypto, len);

96
	    edata = malloc (outer_len);

97
	    if (edata == NULL)

98
		errx (1, "malloc: cannot allocate %u bytes", outer_len);

99
	    ret = krb5_net_read (context, &fd, edata, outer_len);

100
	    if (ret <= 0) {

101
		free(edata);

102
		return ret;

103
	    }

104


105
	    status = krb5_decrypt_ivec(context, crypto, key_usage,

106
				       edata, outer_len, &data, ivec);

107
	    free (edata);

108


109
	    if (status)

110
		krb5_err (context, 1, status, "decrypting data");

111
	    if(ivec != NULL) {

112
		unsigned long l;

113
		if(data.length < len + 4)

114
		    errx (1, "data received is too short");

115
		_krb5_get_int(data.data, &l, 4);

116
		if(l != len)

117
		    errx (1, "inconsistency in received data");

118
		memcpy (buf, (unsigned char *)data.data+4, len);

119
	    } else

120
		memcpy (buf, data.data, len);

121
	    krb5_data_free (&data);

122
	    return len;

123
	} else

124
#endif /* KRB5 */

125
	    abort ();

126
    } else

127
	return read (fd, buf, sz);

128
}

129


130
ssize_t

131
do_write (int fd, void *buf, size_t sz, void *ivec)

132
{

133
    if (do_encrypt) {

134
#ifdef KRB5

135
	if(auth_method == AUTH_KRB5) {

136
	    krb5_error_code status;

137
	    krb5_data data;

138
	    unsigned char len[4];

139
	    int ret;

140


141
	    _krb5_put_int(len, sz, 4);

142
	    if(ivec != NULL) {

143
		unsigned char *tmp = malloc(sz + 4);

144
		if(tmp == NULL)

145
		    err(1, "malloc");

146
		_krb5_put_int(tmp, sz, 4);

147
		memcpy(tmp + 4, buf, sz);

148
		status = krb5_encrypt_ivec(context, crypto, key_usage,

149
					   tmp, sz + 4, &data, ivec);

150
		free(tmp);

151
	    } else

152
		status = krb5_encrypt_ivec(context, crypto, key_usage,

153
					   buf, sz, &data, ivec);

154


155
	    if (status)

156
		krb5_err(context, 1, status, "encrypting data");

157


158
	    ret = krb5_net_write (context, &fd, len, 4);

159
	    if (ret != 4)

160
		return ret;

161
	    ret = krb5_net_write (context, &fd, data.data, data.length);

162
	    if (ret != data.length)

163
		return ret;

164
	    free (data.data);

165
	    return sz;

166
	} else

167
#endif /* KRB5 */

168
	    abort();

169
    } else

170
	return write (fd, buf, sz);

171
}

172
#endif /* KRB5 */

173


174