[dragonfly.git] / lib / libc / rpc / auth_des.c

/*
 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
 * unrestricted use provided that this legend is included on all tape
 * media and as a part of the software program in whole or part.  Users
 * may copy or modify Sun RPC without charge, but are not authorized
 * to license or distribute it to anyone else except as part of a product or
 * program developed by the user.
 * 
 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
 * 
 * Sun RPC is provided with no support and without any obligation on the
 * part of Sun Microsystems, Inc. to assist in its use, correction,
 * modification or enhancement.
 * 
 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
 * OR ANY PART THEREOF.
 * 
 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
 * or profits or other special, indirect and consequential damages, even if
 * Sun has been advised of the possibility of such damages.
 * 
 * Sun Microsystems, Inc.
 * 2550 Garcia Avenue
 * Mountain View, California  94043
 *
 * @(#)auth_des.c	2.2 88/07/29 4.0 RPCSRC; from 1.9 88/02/08 SMI
 * $FreeBSD: src/lib/libc/rpc/auth_des.c,v 1.10 2006/02/27 22:10:58 deischen Exp $
 */
/*
 * Copyright (c) 1988 by Sun Microsystems, Inc.
 */
/*
 * auth_des.c, client-side implementation of DES authentication
 */

#include "namespace.h"
#include "reentrant.h"
#include <err.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <rpc/des_crypt.h>
#include <syslog.h>
#include <rpc/types.h>
#include <rpc/auth.h>
#include <rpc/auth_des.h>
#include <rpc/clnt.h>
#include <rpc/xdr.h>
#include <sys/socket.h>
#undef NIS
#include <rpcsvc/nis.h>
#include "un-namespace.h"
#include "mt_misc.h"

#define USEC_PER_SEC		1000000
#define RTIME_TIMEOUT		5	/* seconds to wait for sync */

#define AUTH_PRIVATE(auth)	(struct ad_private *) auth->ah_private
#define ALLOC(object_type)	(object_type *) mem_alloc(sizeof(object_type))
#define FREE(ptr, size)		mem_free((char *)(ptr), (int) size)
#define ATTEMPT(xdr_op)		if (!(xdr_op)) return (FALSE)

extern bool_t	xdr_authdes_cred(XDR *, struct authdes_cred *);
extern bool_t	xdr_authdes_verf(XDR *, struct authdes_verf *);
extern int	key_encryptsession_pk(char *, netobj *, des_block *);

extern bool_t	__rpc_get_time_offset(struct timeval *, nis_server *, char *,
				      char **, char **);


/* 
 * DES authenticator operations vector
 */
static void	authdes_nextverf(AUTH *);
static bool_t	authdes_marshal(AUTH *, XDR *);
static bool_t	authdes_validate(AUTH *, struct opaque_auth *);
static bool_t	authdes_refresh(AUTH *, void *);
static void	authdes_destroy(AUTH *);

static struct auth_ops *authdes_ops(void);

/*
 * This struct is pointed to by the ah_private field of an "AUTH *"
 */
struct ad_private {
	char *ad_fullname; 		/* client's full name */
	u_int ad_fullnamelen;		/* length of name, rounded up */
	char *ad_servername; 		/* server's full name */
	u_int ad_servernamelen;		/* length of name, rounded up */
	u_int ad_window;	  	/* client specified window */
	bool_t ad_dosync;		/* synchronize? */
	struct netbuf ad_syncaddr;	/* remote host to synch with */
	char *ad_timehost;		/* remote host to synch with */
	struct timeval ad_timediff;	/* server's time - client's time */
	u_int ad_nickname;		/* server's nickname for client */
	struct authdes_cred ad_cred;	/* storage for credential */
	struct authdes_verf ad_verf;	/* storage for verifier */
	struct timeval ad_timestamp;	/* timestamp sent */
	des_block ad_xkey;		/* encrypted conversation key */
	u_char ad_pkey[1024];		/* Server's actual public key */
	char *ad_netid;			/* Timehost netid */
	char *ad_uaddr;			/* Timehost uaddr */
	nis_server *ad_nis_srvr;	/* NIS+ server struct */
};

AUTH *authdes_pk_seccreate(const char *, netobj *, u_int, const char *,
			   const des_block *, nis_server *);
/*
 * documented version of authdes_seccreate
 */
/*
	servername:	network name of server
	win:		time to live
	timehost:	optional hostname to sync with
	ckey:		optional conversation key to use
*/

AUTH *
authdes_seccreate(const char *servername, const u_int win,
		  const char *timehost, const des_block *ckey)
{
	u_char  pkey_data[1024];
	netobj  pkey;
	AUTH    *dummy;

	if (! getpublickey(servername, (char *) pkey_data)) {
		syslog(LOG_ERR,
		    "authdes_seccreate: no public key found for %s",
		    servername);
		return (NULL);
	}

	pkey.n_bytes = (char *) pkey_data;
	pkey.n_len = (u_int)strlen((char *)pkey_data) + 1;
	dummy = authdes_pk_seccreate(servername, &pkey, win, timehost,
	    ckey, NULL);
	return (dummy);
}

/*
 * Slightly modified version of authdessec_create which takes the public key
 * of the server principal as an argument. This spares us a call to
 * getpublickey() which in the nameserver context can cause a deadlock.
 */
AUTH *
authdes_pk_seccreate(const char *servername, netobj *pkey, u_int window,
		     const char *timehost, const des_block *ckey,
		     nis_server *srvr)
{
	AUTH *auth;
	struct ad_private *ad;
	char namebuf[MAXNETNAMELEN+1];

	/*
	 * Allocate everything now
	 */
	auth = ALLOC(AUTH);
	if (auth == NULL) {
		syslog(LOG_ERR, "authdes_pk_seccreate: out of memory");
		return (NULL);
	}
	ad = ALLOC(struct ad_private);
	if (ad == NULL) {
		syslog(LOG_ERR, "authdes_pk_seccreate: out of memory");
		goto failed;
	}
	ad->ad_fullname = ad->ad_servername = NULL; /* Sanity reasons */
	ad->ad_timehost = NULL;
	ad->ad_netid = NULL;
	ad->ad_uaddr = NULL;
	ad->ad_nis_srvr = NULL;
	ad->ad_timediff.tv_sec = 0;
	ad->ad_timediff.tv_usec = 0;
	memcpy(ad->ad_pkey, pkey->n_bytes, pkey->n_len);
	if (!getnetname(namebuf))
		goto failed;
	ad->ad_fullnamelen = RNDUP((u_int) strlen(namebuf));
	ad->ad_fullname = (char *)mem_alloc(ad->ad_fullnamelen + 1);
	ad->ad_servernamelen = strlen(servername);
	ad->ad_servername = (char *)mem_alloc(ad->ad_servernamelen + 1);

	if (ad->ad_fullname == NULL || ad->ad_servername == NULL) {
		syslog(LOG_ERR, "authdes_seccreate: out of memory");
		goto failed;
	}
	if (timehost != NULL) {
		ad->ad_timehost = (char *)mem_alloc(strlen(timehost) + 1);
		if (ad->ad_timehost == NULL) {
			syslog(LOG_ERR, "authdes_seccreate: out of memory");
			goto failed;
		}
		memcpy(ad->ad_timehost, timehost, strlen(timehost) + 1);
		ad->ad_dosync = TRUE;
	} else if (srvr != NULL) {
		ad->ad_nis_srvr = srvr;	/* transient */
		ad->ad_dosync = TRUE;
	} else {
		ad->ad_dosync = FALSE;
	}
	memcpy(ad->ad_fullname, namebuf, ad->ad_fullnamelen + 1);
	memcpy(ad->ad_servername, servername, ad->ad_servernamelen + 1);
	ad->ad_window = window;
	if (ckey == NULL) {
		if (key_gendes(&auth->ah_key) < 0) {
			syslog(LOG_ERR,
	    "authdes_seccreate: keyserv(1m) is unable to generate session key");
			goto failed;
		}
	} else {
		auth->ah_key = *ckey;
	}

	/*
	 * Set up auth handle
	 */
	auth->ah_cred.oa_flavor = AUTH_DES;
	auth->ah_verf.oa_flavor = AUTH_DES;
	auth->ah_ops = authdes_ops();
	auth->ah_private = (caddr_t)ad;

	if (!authdes_refresh(auth, NULL)) {
		goto failed;
	}
	ad->ad_nis_srvr = NULL; /* not needed any longer */
	return (auth);

failed:
	if (auth)
		FREE(auth, sizeof (AUTH));
	if (ad) {
		if (ad->ad_fullname)
			FREE(ad->ad_fullname, ad->ad_fullnamelen + 1);
		if (ad->ad_servername)
			FREE(ad->ad_servername, ad->ad_servernamelen + 1);
		if (ad->ad_timehost)
			FREE(ad->ad_timehost, strlen(ad->ad_timehost) + 1);
		if (ad->ad_netid)
			FREE(ad->ad_netid, strlen(ad->ad_netid) + 1);
		if (ad->ad_uaddr)
			FREE(ad->ad_uaddr, strlen(ad->ad_uaddr) + 1);
		FREE(ad, sizeof (struct ad_private));
	}
	return (NULL);
}

/*
 * Implement the five authentication operations
 */


/*
 * 1. Next Verifier
 */	
/*ARGSUSED*/
static void
authdes_nextverf(AUTH *auth)
{
	/* what the heck am I supposed to do??? */
}


/*
 * 2. Marshal
 */
static bool_t
authdes_marshal(AUTH *auth, XDR *xdrs)
{
/* LINTED pointer alignment */
	struct ad_private *ad = AUTH_PRIVATE(auth);
	struct authdes_cred *cred = &ad->ad_cred;
	struct authdes_verf *verf = &ad->ad_verf;
	des_block cryptbuf[2];
	des_block ivec;
	int status;
	int len;
	rpc_inline_t *ixdr;

	/*
	 * Figure out the "time", accounting for any time difference
	 * with the server if necessary.
	 */
	gettimeofday(&ad->ad_timestamp, NULL);
	ad->ad_timestamp.tv_sec += ad->ad_timediff.tv_sec;
	ad->ad_timestamp.tv_usec += ad->ad_timediff.tv_usec;
	while (ad->ad_timestamp.tv_usec >= USEC_PER_SEC) {
		ad->ad_timestamp.tv_usec -= USEC_PER_SEC;
		ad->ad_timestamp.tv_sec++;
	}

	/*
	 * XDR the timestamp and possibly some other things, then
	 * encrypt them.
	 */
	ixdr = (rpc_inline_t *)cryptbuf;
	IXDR_PUT_INT32(ixdr, ad->ad_timestamp.tv_sec);
	IXDR_PUT_INT32(ixdr, ad->ad_timestamp.tv_usec);
	if (ad->ad_cred.adc_namekind == ADN_FULLNAME) {
		IXDR_PUT_U_INT32(ixdr, ad->ad_window);
		IXDR_PUT_U_INT32(ixdr, ad->ad_window - 1);
		ivec.key.high = ivec.key.low = 0;	
		status = cbc_crypt((char *)&auth->ah_key, (char *)cryptbuf, 
			(u_int) 2 * sizeof (des_block),
			DES_ENCRYPT | DES_HW, (char *)&ivec);
	} else {
		status = ecb_crypt((char *)&auth->ah_key, (char *)cryptbuf, 
			(u_int) sizeof (des_block),
			DES_ENCRYPT | DES_HW);
	}
	if (DES_FAILED(status)) {
		syslog(LOG_ERR, "authdes_marshal: DES encryption failure");
		return (FALSE);
	}
	ad->ad_verf.adv_xtimestamp = cryptbuf[0];
	if (ad->ad_cred.adc_namekind == ADN_FULLNAME) {
		ad->ad_cred.adc_fullname.window = cryptbuf[1].key.high;
		ad->ad_verf.adv_winverf = cryptbuf[1].key.low;
	} else {
		ad->ad_cred.adc_nickname = ad->ad_nickname;
		ad->ad_verf.adv_winverf = 0;
	}

	/*
	 * Serialize the credential and verifier into opaque
	 * authentication data.
	 */
	if (ad->ad_cred.adc_namekind == ADN_FULLNAME) {
		len = ((1 + 1 + 2 + 1)*BYTES_PER_XDR_UNIT + ad->ad_fullnamelen);
	} else {
		len = (1 + 1)*BYTES_PER_XDR_UNIT;
	}

	if ((ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT))) {
		IXDR_PUT_INT32(ixdr, AUTH_DES);
		IXDR_PUT_INT32(ixdr, len);
	} else {
		ATTEMPT(xdr_putint32(xdrs, (int *)&auth->ah_cred.oa_flavor));
		ATTEMPT(xdr_putint32(xdrs, &len));
	}
	ATTEMPT(xdr_authdes_cred(xdrs, cred));

	len = (2 + 1)*BYTES_PER_XDR_UNIT; 
	if ((ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT))) {
		IXDR_PUT_INT32(ixdr, AUTH_DES);
		IXDR_PUT_INT32(ixdr, len);
	} else {
		ATTEMPT(xdr_putint32(xdrs, (int *)&auth->ah_verf.oa_flavor));
		ATTEMPT(xdr_putint32(xdrs, &len));
	}
	ATTEMPT(xdr_authdes_verf(xdrs, verf));
	return (TRUE);
}


/*
 * 3. Validate
 */
static bool_t
authdes_validate(AUTH *auth, struct opaque_auth *rverf)
{
/* LINTED pointer alignment */
	struct ad_private *ad = AUTH_PRIVATE(auth);
	struct authdes_verf verf;
	int status;
	uint32_t *ixdr;
	des_block buf;

	if (rverf->oa_length != (2 + 1) * BYTES_PER_XDR_UNIT) {
		return (FALSE);
	}
/* LINTED pointer alignment */
	ixdr = (uint32_t *)rverf->oa_base;
	buf.key.high = (uint32_t)*ixdr++;
	buf.key.low = (uint32_t)*ixdr++;
	verf.adv_int_u = (uint32_t)*ixdr++;

	/*
	 * Decrypt the timestamp
	 */
	status = ecb_crypt((char *)&auth->ah_key, (char *)&buf,
		(u_int)sizeof (des_block), DES_DECRYPT | DES_HW);

	if (DES_FAILED(status)) {
		syslog(LOG_ERR, "authdes_validate: DES decryption failure");
		return (FALSE);
	}

	/*
	 * xdr the decrypted timestamp
	 */
/* LINTED pointer alignment */
	ixdr = (uint32_t *)buf.c;
	verf.adv_timestamp.tv_sec = IXDR_GET_INT32(ixdr) + 1;
	verf.adv_timestamp.tv_usec = IXDR_GET_INT32(ixdr);

	/*
	 * validate
	 */
	if (bcmp((char *)&ad->ad_timestamp, (char *)&verf.adv_timestamp,
		 sizeof(struct timeval)) != 0) {
		syslog(LOG_DEBUG, "authdes_validate: verifier mismatch");
		return (FALSE);
	}

	/*
	 * We have a nickname now, let's use it
	 */
	ad->ad_nickname = verf.adv_nickname;
	ad->ad_cred.adc_namekind = ADN_NICKNAME;
	return (TRUE);
}

/*
 * 4. Refresh
 */
/*ARGSUSED*/
static bool_t
authdes_refresh(AUTH *auth, void *dummy)
{
/* LINTED pointer alignment */
	struct ad_private *ad = AUTH_PRIVATE(auth);
	struct authdes_cred *cred = &ad->ad_cred;
	int		ok;
	netobj		pkey;

	if (ad->ad_dosync) {
                ok = __rpc_get_time_offset(&ad->ad_timediff, ad->ad_nis_srvr,
		    ad->ad_timehost, &(ad->ad_uaddr),
		    &(ad->ad_netid));
		if (! ok) {
			/*
			 * Hope the clocks are synced!
			 */
			ad->ad_dosync = 0;
			syslog(LOG_DEBUG,
			    "authdes_refresh: unable to synchronize clock");
		}
	}
	ad->ad_xkey = auth->ah_key;
	pkey.n_bytes = (char *)(ad->ad_pkey);
	pkey.n_len = (u_int)strlen((char *)ad->ad_pkey) + 1;
	if (key_encryptsession_pk(ad->ad_servername, &pkey, &ad->ad_xkey) < 0) {
		syslog(LOG_INFO,
		    "authdes_refresh: keyserv(1m) is unable to encrypt session key");
		return (FALSE);
	}
	cred->adc_fullname.key = ad->ad_xkey;
	cred->adc_namekind = ADN_FULLNAME;
	cred->adc_fullname.name = ad->ad_fullname;
	return (TRUE);
}


/*
 * 5. Destroy
 */
static void
authdes_destroy(AUTH *auth)
{
/* LINTED pointer alignment */
	struct ad_private *ad = AUTH_PRIVATE(auth);

	FREE(ad->ad_fullname, ad->ad_fullnamelen + 1);
	FREE(ad->ad_servername, ad->ad_servernamelen + 1);
	if (ad->ad_timehost)
		FREE(ad->ad_timehost, strlen(ad->ad_timehost) + 1);
	if (ad->ad_netid)
		FREE(ad->ad_netid, strlen(ad->ad_netid) + 1);
	if (ad->ad_uaddr)
		FREE(ad->ad_uaddr, strlen(ad->ad_uaddr) + 1);
	FREE(ad, sizeof(struct ad_private));
	FREE(auth, sizeof(AUTH));
}

static struct auth_ops *
authdes_ops(void)
{
	static struct auth_ops ops;

	/* VARIABLES PROTECTED BY ops_lock: ops */

	mutex_lock(&authdes_ops_lock);
	if (ops.ah_nextverf == NULL) {
		ops.ah_nextverf = authdes_nextverf;
		ops.ah_marshal = authdes_marshal;
		ops.ah_validate = authdes_validate;
		ops.ah_refresh = authdes_refresh;
		ops.ah_destroy = authdes_destroy;
        }
	mutex_unlock(&authdes_ops_lock);
	return (&ops);
}
Commit	Line	Data
984263bc MD	1	/*
	2	* Sun RPC is a product of Sun Microsystems, Inc. and is provided for
	3	* unrestricted use provided that this legend is included on all tape
	4	* media and as a part of the software program in whole or part. Users
	5	* may copy or modify Sun RPC without charge, but are not authorized
	6	* to license or distribute it to anyone else except as part of a product or
	7	* program developed by the user.
	8	*
	9	* SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
	10	* WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
	11	* PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
	12	*
	13	* Sun RPC is provided with no support and without any obligation on the
	14	* part of Sun Microsystems, Inc. to assist in its use, correction,
	15	* modification or enhancement.
	16	*
	17	* SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
	18	* INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
	19	* OR ANY PART THEREOF.
	20	*
	21	* In no event will Sun Microsystems, Inc. be liable for any lost revenue
	22	* or profits or other special, indirect and consequential damages, even if
	23	* Sun has been advised of the possibility of such damages.
	24	*
	25	* Sun Microsystems, Inc.
	26	* 2550 Garcia Avenue
	27	* Mountain View, California 94043
1de703da MD	28	*
1de703da MD	29	* @(#)auth_des.c 2.2 88/07/29 4.0 RPCSRC; from 1.9 88/02/08 SMI
ce0e08e2	30	* $FreeBSD: src/lib/libc/rpc/auth_des.c,v 1.10 2006/02/27 22:10:58 deischen Exp $
984263bc MD	31	*/
	32	/*
	33	* Copyright (c) 1988 by Sun Microsystems, Inc.
	34	*/
	35	/*
	36	* auth_des.c, client-side implementation of DES authentication
	37	*/
ce0e08e2 PA	38
	39	#include "namespace.h"
	40	#include "reentrant.h"
	41	#include <err.h>
	42	#include <errno.h>
984263bc MD	43	#include <string.h>
	44	#include <stdlib.h>
	45	#include <unistd.h>
984263bc	46	#include <rpc/des_crypt.h>
ce0e08e2	47	#include <syslog.h>
984263bc	48	#include <rpc/types.h>
984263bc MD	49	#include <rpc/auth.h>
984263bc MD	50	#include <rpc/auth_des.h>
ce0e08e2 PA	51	#include <rpc/clnt.h>
ce0e08e2 PA	52	#include <rpc/xdr.h>
984263bc MD	53	#include <sys/socket.h>
	54	#undef NIS
	55	#include <rpcsvc/nis.h>
ce0e08e2 PA	56	#include "un-namespace.h"
ce0e08e2 PA	57	#include "mt_misc.h"
984263bc	58
ce0e08e2 PA	59	#define USEC_PER_SEC 1000000
ce0e08e2 PA	60	#define RTIME_TIMEOUT 5 /* seconds to wait for sync */
984263bc MD	61
	62	#define AUTH_PRIVATE(auth) (struct ad_private *) auth->ah_private
	63	#define ALLOC(object_type) (object_type *) mem_alloc(sizeof(object_type))
	64	#define FREE(ptr, size) mem_free((char *)(ptr), (int) size)
	65	#define ATTEMPT(xdr_op) if (!(xdr_op)) return (FALSE)
	66
ce0e08e2 PA	67	extern bool_t xdr_authdes_cred(XDR , struct authdes_cred );
ce0e08e2 PA	68	extern bool_t xdr_authdes_verf(XDR , struct authdes_verf );
e2b7bcae	69	extern int key_encryptsession_pk(char , netobj , des_block *);
ce0e08e2 PA	70
	71	extern bool_t __rpc_get_time_offset(struct timeval , nis_server , char *,
	72	char , char );
	73
984263bc MD	74
	75	/*
	76	* DES authenticator operations vector
	77	*/
ce0e08e2 PA	78	static void authdes_nextverf(AUTH *);
	79	static bool_t authdes_marshal(AUTH , XDR );
	80	static bool_t authdes_validate(AUTH , struct opaque_auth );
	81	static bool_t authdes_refresh(AUTH , void );
	82	static void authdes_destroy(AUTH *);
	83
	84	static struct auth_ops *authdes_ops(void);
	85
984263bc MD	86	/*
	87	* This struct is pointed to by the ah_private field of an "AUTH *"
	88	*/
	89	struct ad_private {
	90	char ad_fullname; / client's full name */
	91	u_int ad_fullnamelen; /* length of name, rounded up */
	92	char ad_servername; / server's full name */
	93	u_int ad_servernamelen; /* length of name, rounded up */
	94	u_int ad_window; /* client specified window */
ce0e08e2 PA	95	bool_t ad_dosync; /* synchronize? */
ce0e08e2 PA	96	struct netbuf ad_syncaddr; /* remote host to synch with */
984263bc MD	97	char ad_timehost; / remote host to synch with */
984263bc MD	98	struct timeval ad_timediff; /* server's time - client's time */
ce0e08e2	99	u_int ad_nickname; /* server's nickname for client */
984263bc MD	100	struct authdes_cred ad_cred; /* storage for credential */
	101	struct authdes_verf ad_verf; /* storage for verifier */
	102	struct timeval ad_timestamp; /* timestamp sent */
	103	des_block ad_xkey; /* encrypted conversation key */
	104	u_char ad_pkey[1024]; /* Server's actual public key */
	105	char ad_netid; / Timehost netid */
	106	char ad_uaddr; / Timehost uaddr */
	107	nis_server ad_nis_srvr; / NIS+ server struct */
	108	};
984263bc	109
ce0e08e2 PA	110	AUTH authdes_pk_seccreate(const char , netobj , u_int, const char ,
ce0e08e2 PA	111	const des_block , nis_server );
984263bc	112	/*
ce0e08e2 PA	113	* documented version of authdes_seccreate
	114	*/
	115	/*
	116	servername: network name of server
	117	win: time to live
	118	timehost: optional hostname to sync with
	119	ckey: optional conversation key to use
	120	*/
	121
984263bc	122	AUTH *
ce0e08e2 PA	123	authdes_seccreate(const char *servername, const u_int win,
ce0e08e2 PA	124	const char timehost, const des_block ckey)
984263bc	125	{
ce0e08e2 PA	126	u_char pkey_data[1024];
	127	netobj pkey;
	128	AUTH *dummy;
	129
	130	if (! getpublickey(servername, (char *) pkey_data)) {
	131	syslog(LOG_ERR,
	132	"authdes_seccreate: no public key found for %s",
	133	servername);
	134	return (NULL);
984263bc MD	135	}
984263bc MD	136
ce0e08e2 PA	137	pkey.n_bytes = (char *) pkey_data;
	138	pkey.n_len = (u_int)strlen((char *)pkey_data) + 1;
	139	dummy = authdes_pk_seccreate(servername, &pkey, win, timehost,
	140	ckey, NULL);
	141	return (dummy);
984263bc MD	142	}
	143
	144	/*
ce0e08e2	145	* Slightly modified version of authdessec_create which takes the public key
984263bc MD	146	* of the server principal as an argument. This spares us a call to
	147	* getpublickey() which in the nameserver context can cause a deadlock.
	148	*/
	149	AUTH *
ce0e08e2 PA	150	authdes_pk_seccreate(const char servername, netobj pkey, u_int window,
	151	const char timehost, const des_block ckey,
	152	nis_server *srvr)
984263bc MD	153	{
	154	AUTH *auth;
	155	struct ad_private *ad;
	156	char namebuf[MAXNETNAMELEN+1];
	157
	158	/*
	159	* Allocate everything now
	160	*/
	161	auth = ALLOC(AUTH);
	162	if (auth == NULL) {
ce0e08e2	163	syslog(LOG_ERR, "authdes_pk_seccreate: out of memory");
984263bc MD	164	return (NULL);
	165	}
	166	ad = ALLOC(struct ad_private);
	167	if (ad == NULL) {
ce0e08e2	168	syslog(LOG_ERR, "authdes_pk_seccreate: out of memory");
984263bc MD	169	goto failed;
	170	}
	171	ad->ad_fullname = ad->ad_servername = NULL; /* Sanity reasons */
	172	ad->ad_timehost = NULL;
	173	ad->ad_netid = NULL;
	174	ad->ad_uaddr = NULL;
	175	ad->ad_nis_srvr = NULL;
	176	ad->ad_timediff.tv_sec = 0;
	177	ad->ad_timediff.tv_usec = 0;
	178	memcpy(ad->ad_pkey, pkey->n_bytes, pkey->n_len);
	179	if (!getnetname(namebuf))
	180	goto failed;
	181	ad->ad_fullnamelen = RNDUP((u_int) strlen(namebuf));
	182	ad->ad_fullname = (char *)mem_alloc(ad->ad_fullnamelen + 1);
	183	ad->ad_servernamelen = strlen(servername);
	184	ad->ad_servername = (char *)mem_alloc(ad->ad_servernamelen + 1);
	185
	186	if (ad->ad_fullname == NULL \|\| ad->ad_servername == NULL) {
ce0e08e2	187	syslog(LOG_ERR, "authdes_seccreate: out of memory");
984263bc MD	188	goto failed;
	189	}
	190	if (timehost != NULL) {
	191	ad->ad_timehost = (char *)mem_alloc(strlen(timehost) + 1);
	192	if (ad->ad_timehost == NULL) {
ce0e08e2	193	syslog(LOG_ERR, "authdes_seccreate: out of memory");
984263bc MD	194	goto failed;
	195	}
	196	memcpy(ad->ad_timehost, timehost, strlen(timehost) + 1);
	197	ad->ad_dosync = TRUE;
	198	} else if (srvr != NULL) {
	199	ad->ad_nis_srvr = srvr; /* transient */
	200	ad->ad_dosync = TRUE;
	201	} else {
	202	ad->ad_dosync = FALSE;
	203	}
	204	memcpy(ad->ad_fullname, namebuf, ad->ad_fullnamelen + 1);
	205	memcpy(ad->ad_servername, servername, ad->ad_servernamelen + 1);
	206	ad->ad_window = window;
	207	if (ckey == NULL) {
	208	if (key_gendes(&auth->ah_key) < 0) {
ce0e08e2 PA	209	syslog(LOG_ERR,
ce0e08e2 PA	210	"authdes_seccreate: keyserv(1m) is unable to generate session key");
984263bc MD	211	goto failed;
	212	}
	213	} else {
	214	auth->ah_key = *ckey;
	215	}
	216
	217	/*
	218	* Set up auth handle
	219	*/
	220	auth->ah_cred.oa_flavor = AUTH_DES;
	221	auth->ah_verf.oa_flavor = AUTH_DES;
ce0e08e2	222	auth->ah_ops = authdes_ops();
984263bc MD	223	auth->ah_private = (caddr_t)ad;
984263bc MD	224
ce0e08e2	225	if (!authdes_refresh(auth, NULL)) {
984263bc MD	226	goto failed;
	227	}
	228	ad->ad_nis_srvr = NULL; /* not needed any longer */
	229	return (auth);
	230
	231	failed:
	232	if (auth)
	233	FREE(auth, sizeof (AUTH));
	234	if (ad) {
	235	if (ad->ad_fullname)
	236	FREE(ad->ad_fullname, ad->ad_fullnamelen + 1);
	237	if (ad->ad_servername)
	238	FREE(ad->ad_servername, ad->ad_servernamelen + 1);
	239	if (ad->ad_timehost)
	240	FREE(ad->ad_timehost, strlen(ad->ad_timehost) + 1);
	241	if (ad->ad_netid)
ce0e08e2	242	FREE(ad->ad_netid, strlen(ad->ad_netid) + 1);
984263bc	243	if (ad->ad_uaddr)
ce0e08e2	244	FREE(ad->ad_uaddr, strlen(ad->ad_uaddr) + 1);
984263bc MD	245	FREE(ad, sizeof (struct ad_private));
	246	}
	247	return (NULL);
	248	}
ce0e08e2	249
984263bc MD	250	/*
	251	* Implement the five authentication operations
	252	*/
	253
	254
	255	/*
	256	* 1. Next Verifier
	257	*/
	258	/ARGSUSED/
	259	static void
c9b6181e	260	authdes_nextverf(AUTH *auth)
984263bc MD	261	{
	262	/* what the heck am I supposed to do??? */
	263	}
984263bc MD	264
	265
	266	/*
	267	* 2. Marshal
	268	*/
	269	static bool_t
c9b6181e	270	authdes_marshal(AUTH auth, XDR xdrs)
984263bc	271	{
ce0e08e2	272	/* LINTED pointer alignment */
984263bc MD	273	struct ad_private *ad = AUTH_PRIVATE(auth);
	274	struct authdes_cred *cred = &ad->ad_cred;
	275	struct authdes_verf *verf = &ad->ad_verf;
ce0e08e2	276	des_block cryptbuf[2];
984263bc MD	277	des_block ivec;
984263bc MD	278	int status;
ce0e08e2 PA	279	int len;
ce0e08e2 PA	280	rpc_inline_t *ixdr;
984263bc MD	281
	282	/*
	283	* Figure out the "time", accounting for any time difference
	284	* with the server if necessary.
	285	*/
2038fb68	286	gettimeofday(&ad->ad_timestamp, NULL);
984263bc MD	287	ad->ad_timestamp.tv_sec += ad->ad_timediff.tv_sec;
984263bc MD	288	ad->ad_timestamp.tv_usec += ad->ad_timediff.tv_usec;
ce0e08e2 PA	289	while (ad->ad_timestamp.tv_usec >= USEC_PER_SEC) {
	290	ad->ad_timestamp.tv_usec -= USEC_PER_SEC;
	291	ad->ad_timestamp.tv_sec++;
984263bc MD	292	}
	293
	294	/*
	295	* XDR the timestamp and possibly some other things, then
	296	* encrypt them.
	297	*/
ce0e08e2 PA	298	ixdr = (rpc_inline_t *)cryptbuf;
	299	IXDR_PUT_INT32(ixdr, ad->ad_timestamp.tv_sec);
	300	IXDR_PUT_INT32(ixdr, ad->ad_timestamp.tv_usec);
984263bc	301	if (ad->ad_cred.adc_namekind == ADN_FULLNAME) {
ce0e08e2 PA	302	IXDR_PUT_U_INT32(ixdr, ad->ad_window);
ce0e08e2 PA	303	IXDR_PUT_U_INT32(ixdr, ad->ad_window - 1);
984263bc MD	304	ivec.key.high = ivec.key.low = 0;
984263bc MD	305	status = cbc_crypt((char )&auth->ah_key, (char )cryptbuf,
ce0e08e2 PA	306	(u_int) 2 * sizeof (des_block),
ce0e08e2 PA	307	DES_ENCRYPT \| DES_HW, (char *)&ivec);
984263bc MD	308	} else {
984263bc MD	309	status = ecb_crypt((char )&auth->ah_key, (char )cryptbuf,
ce0e08e2 PA	310	(u_int) sizeof (des_block),
ce0e08e2 PA	311	DES_ENCRYPT \| DES_HW);
984263bc MD	312	}
984263bc MD	313	if (DES_FAILED(status)) {
ce0e08e2	314	syslog(LOG_ERR, "authdes_marshal: DES encryption failure");
984263bc MD	315	return (FALSE);
	316	}
	317	ad->ad_verf.adv_xtimestamp = cryptbuf[0];
	318	if (ad->ad_cred.adc_namekind == ADN_FULLNAME) {
	319	ad->ad_cred.adc_fullname.window = cryptbuf[1].key.high;
	320	ad->ad_verf.adv_winverf = cryptbuf[1].key.low;
	321	} else {
	322	ad->ad_cred.adc_nickname = ad->ad_nickname;
	323	ad->ad_verf.adv_winverf = 0;
	324	}
	325
	326	/*
	327	* Serialize the credential and verifier into opaque
	328	* authentication data.
	329	*/
	330	if (ad->ad_cred.adc_namekind == ADN_FULLNAME) {
	331	len = ((1 + 1 + 2 + 1)*BYTES_PER_XDR_UNIT + ad->ad_fullnamelen);
	332	} else {
	333	len = (1 + 1)*BYTES_PER_XDR_UNIT;
	334	}
	335
	336	if ((ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT))) {
ce0e08e2 PA	337	IXDR_PUT_INT32(ixdr, AUTH_DES);
ce0e08e2 PA	338	IXDR_PUT_INT32(ixdr, len);
984263bc	339	} else {
ce0e08e2 PA	340	ATTEMPT(xdr_putint32(xdrs, (int *)&auth->ah_cred.oa_flavor));
ce0e08e2 PA	341	ATTEMPT(xdr_putint32(xdrs, &len));
984263bc MD	342	}
	343	ATTEMPT(xdr_authdes_cred(xdrs, cred));
	344
	345	len = (2 + 1)*BYTES_PER_XDR_UNIT;
	346	if ((ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT))) {
ce0e08e2 PA	347	IXDR_PUT_INT32(ixdr, AUTH_DES);
ce0e08e2 PA	348	IXDR_PUT_INT32(ixdr, len);
984263bc	349	} else {
ce0e08e2 PA	350	ATTEMPT(xdr_putint32(xdrs, (int *)&auth->ah_verf.oa_flavor));
ce0e08e2 PA	351	ATTEMPT(xdr_putint32(xdrs, &len));
984263bc MD	352	}
	353	ATTEMPT(xdr_authdes_verf(xdrs, verf));
	354	return (TRUE);
	355	}
	356
	357
	358	/*
	359	* 3. Validate
	360	*/
	361	static bool_t
c9b6181e	362	authdes_validate(AUTH auth, struct opaque_auth rverf)
984263bc	363	{
ce0e08e2	364	/* LINTED pointer alignment */
984263bc MD	365	struct ad_private *ad = AUTH_PRIVATE(auth);
	366	struct authdes_verf verf;
	367	int status;
ce0e08e2 PA	368	uint32_t *ixdr;
ce0e08e2 PA	369	des_block buf;
984263bc MD	370
	371	if (rverf->oa_length != (2 + 1) * BYTES_PER_XDR_UNIT) {
	372	return (FALSE);
	373	}
ce0e08e2 PA	374	/* LINTED pointer alignment */
	375	ixdr = (uint32_t *)rverf->oa_base;
	376	buf.key.high = (uint32_t)*ixdr++;
	377	buf.key.low = (uint32_t)*ixdr++;
	378	verf.adv_int_u = (uint32_t)*ixdr++;
984263bc MD	379
	380	/*
	381	* Decrypt the timestamp
	382	*/
ce0e08e2 PA	383	status = ecb_crypt((char )&auth->ah_key, (char )&buf,
ce0e08e2 PA	384	(u_int)sizeof (des_block), DES_DECRYPT \| DES_HW);
984263bc MD	385
984263bc MD	386	if (DES_FAILED(status)) {
ce0e08e2	387	syslog(LOG_ERR, "authdes_validate: DES decryption failure");
984263bc MD	388	return (FALSE);
	389	}
	390
	391	/*
ce0e08e2	392	* xdr the decrypted timestamp
984263bc	393	*/
ce0e08e2 PA	394	/* LINTED pointer alignment */
	395	ixdr = (uint32_t *)buf.c;
	396	verf.adv_timestamp.tv_sec = IXDR_GET_INT32(ixdr) + 1;
	397	verf.adv_timestamp.tv_usec = IXDR_GET_INT32(ixdr);
984263bc MD	398
	399	/*
	400	* validate
	401	*/
	402	if (bcmp((char )&ad->ad_timestamp, (char )&verf.adv_timestamp,
	403	sizeof(struct timeval)) != 0) {
ce0e08e2	404	syslog(LOG_DEBUG, "authdes_validate: verifier mismatch");
984263bc MD	405	return (FALSE);
	406	}
	407
	408	/*
	409	* We have a nickname now, let's use it
	410	*/
ce0e08e2 PA	411	ad->ad_nickname = verf.adv_nickname;
	412	ad->ad_cred.adc_namekind = ADN_NICKNAME;
	413	return (TRUE);
984263bc MD	414	}
	415
	416	/*
	417	* 4. Refresh
	418	*/
ce0e08e2	419	/ARGSUSED/
984263bc	420	static bool_t
ce0e08e2	421	authdes_refresh(AUTH auth, void dummy)
984263bc	422	{
ce0e08e2	423	/* LINTED pointer alignment */
984263bc MD	424	struct ad_private *ad = AUTH_PRIVATE(auth);
984263bc MD	425	struct authdes_cred *cred = &ad->ad_cred;
ce0e08e2	426	int ok;
984263bc MD	427	netobj pkey;
984263bc MD	428
ce0e08e2 PA	429	if (ad->ad_dosync) {
	430	ok = __rpc_get_time_offset(&ad->ad_timediff, ad->ad_nis_srvr,
	431	ad->ad_timehost, &(ad->ad_uaddr),
	432	&(ad->ad_netid));
	433	if (! ok) {
	434	/*
	435	* Hope the clocks are synced!
	436	*/
	437	ad->ad_dosync = 0;
	438	syslog(LOG_DEBUG,
	439	"authdes_refresh: unable to synchronize clock");
	440	}
984263bc MD	441	}
	442	ad->ad_xkey = auth->ah_key;
	443	pkey.n_bytes = (char *)(ad->ad_pkey);
ce0e08e2	444	pkey.n_len = (u_int)strlen((char *)ad->ad_pkey) + 1;
984263bc	445	if (key_encryptsession_pk(ad->ad_servername, &pkey, &ad->ad_xkey) < 0) {
ce0e08e2 PA	446	syslog(LOG_INFO,
ce0e08e2 PA	447	"authdes_refresh: keyserv(1m) is unable to encrypt session key");
984263bc MD	448	return (FALSE);
	449	}
	450	cred->adc_fullname.key = ad->ad_xkey;
	451	cred->adc_namekind = ADN_FULLNAME;
	452	cred->adc_fullname.name = ad->ad_fullname;
	453	return (TRUE);
	454	}
	455
	456
	457	/*
	458	* 5. Destroy
	459	*/
	460	static void
c9b6181e	461	authdes_destroy(AUTH *auth)
984263bc	462	{
ce0e08e2	463	/* LINTED pointer alignment */
984263bc MD	464	struct ad_private *ad = AUTH_PRIVATE(auth);
	465
	466	FREE(ad->ad_fullname, ad->ad_fullnamelen + 1);
	467	FREE(ad->ad_servername, ad->ad_servernamelen + 1);
ce0e08e2 PA	468	if (ad->ad_timehost)
	469	FREE(ad->ad_timehost, strlen(ad->ad_timehost) + 1);
	470	if (ad->ad_netid)
	471	FREE(ad->ad_netid, strlen(ad->ad_netid) + 1);
	472	if (ad->ad_uaddr)
	473	FREE(ad->ad_uaddr, strlen(ad->ad_uaddr) + 1);
984263bc MD	474	FREE(ad, sizeof(struct ad_private));
	475	FREE(auth, sizeof(AUTH));
	476	}
984263bc	477
ce0e08e2 PA	478	static struct auth_ops *
ce0e08e2 PA	479	authdes_ops(void)
984263bc	480	{
ce0e08e2 PA	481	static struct auth_ops ops;
	482
	483	/* VARIABLES PROTECTED BY ops_lock: ops */
	484
	485	mutex_lock(&authdes_ops_lock);
	486	if (ops.ah_nextverf == NULL) {
	487	ops.ah_nextverf = authdes_nextverf;
	488	ops.ah_marshal = authdes_marshal;
	489	ops.ah_validate = authdes_validate;
	490	ops.ah_refresh = authdes_refresh;
	491	ops.ah_destroy = authdes_destroy;
	492	}
	493	mutex_unlock(&authdes_ops_lock);
	494	return (&ops);
984263bc	495	}