Updated to fedora-glibc-20040930T0838
[glibc/history.git] / sunrpc / key_call.c
blob211f61db70ee2c4f3ab0e7b08e16a038fc4f5a3d
1 /*
2 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
3 * unrestricted use provided that this legend is included on all tape
4 * media and as a part of the software program in whole or part. Users
5 * may copy or modify Sun RPC without charge, but are not authorized
6 * to license or distribute it to anyone else except as part of a product or
7 * program developed by the user.
9 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
10 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
11 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
13 * Sun RPC is provided with no support and without any obligation on the
14 * part of Sun Microsystems, Inc. to assist in its use, correction,
15 * modification or enhancement.
17 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
18 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
19 * OR ANY PART THEREOF.
21 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
22 * or profits or other special, indirect and consequential damages, even if
23 * Sun has been advised of the possibility of such damages.
25 * Sun Microsystems, Inc.
26 * 2550 Garcia Avenue
27 * Mountain View, California 94043
30 * Copyright (c) 1988 by Sun Microsystems, Inc.
33 * The original source is from the RPCSRC 4.0 package from Sun Microsystems.
34 * The Interface to keyserver protocoll 2, RPC over AF_UNIX and Linux/doors
35 * was added by Thorsten Kukuk <kukuk@suse.de>
36 * Since the Linux/doors project was stopped, I doubt that this code will
37 * ever be useful <kukuk@suse.de>.
40 #include <stdio.h>
41 #include <errno.h>
42 #include <fcntl.h>
43 #include <signal.h>
44 #include <unistd.h>
45 #include <string.h>
46 #include <rpc/rpc.h>
47 #include <rpc/auth.h>
48 #include <sys/wait.h>
49 #include <sys/param.h>
50 #include <sys/socket.h>
51 #include <rpc/key_prot.h>
52 #include <bits/libc-lock.h>
54 #ifdef HAVE_DOORS
55 # include "door/door.h"
56 #endif
58 #define KEY_TIMEOUT 5 /* per-try timeout in seconds */
59 #define KEY_NRETRY 12 /* number of retries */
61 #define debug(msg) /* turn off debugging */
63 #ifndef SO_PASSCRED
64 extern int _openchild (const char *command, FILE **fto, FILE **ffrom);
65 #endif
67 static int key_call (u_long, xdrproc_t xdr_arg, char *,
68 xdrproc_t xdr_rslt, char *) internal_function;
70 static const struct timeval trytimeout = {KEY_TIMEOUT, 0};
71 static const struct timeval tottimeout = {KEY_TIMEOUT *KEY_NRETRY, 0};
73 int
74 key_setsecret (char *secretkey)
76 keystatus status;
78 if (!key_call ((u_long) KEY_SET, (xdrproc_t) INTUSE(xdr_keybuf), secretkey,
79 (xdrproc_t) INTUSE(xdr_keystatus), (char *) &status))
80 return -1;
81 if (status != KEY_SUCCESS)
83 debug ("set status is nonzero");
84 return -1;
86 return 0;
89 /* key_secretkey_is_set() returns 1 if the keyserver has a secret key
90 * stored for the caller's effective uid; it returns 0 otherwise
92 * N.B.: The KEY_NET_GET key call is undocumented. Applications shouldn't
93 * be using it, because it allows them to get the user's secret key.
95 int
96 key_secretkey_is_set (void)
98 struct key_netstres kres;
100 memset (&kres, 0, sizeof (kres));
101 if (key_call ((u_long) KEY_NET_GET, (xdrproc_t) INTUSE(xdr_void),
102 (char *) NULL, (xdrproc_t) INTUSE(xdr_key_netstres),
103 (char *) &kres) &&
104 (kres.status == KEY_SUCCESS) &&
105 (kres.key_netstres_u.knet.st_priv_key[0] != 0))
107 /* avoid leaving secret key in memory */
108 memset (kres.key_netstres_u.knet.st_priv_key, 0, HEXKEYBYTES);
109 return 1;
111 return 0;
115 key_encryptsession (char *remotename, des_block *deskey)
117 cryptkeyarg arg;
118 cryptkeyres res;
120 arg.remotename = remotename;
121 arg.deskey = *deskey;
122 if (!key_call ((u_long) KEY_ENCRYPT, (xdrproc_t) INTUSE(xdr_cryptkeyarg),
123 (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
124 (char *) &res))
125 return -1;
127 if (res.status != KEY_SUCCESS)
129 debug ("encrypt status is nonzero");
130 return -1;
132 *deskey = res.cryptkeyres_u.deskey;
133 return 0;
137 key_decryptsession (char *remotename, des_block *deskey)
139 cryptkeyarg arg;
140 cryptkeyres res;
142 arg.remotename = remotename;
143 arg.deskey = *deskey;
144 if (!key_call ((u_long) KEY_DECRYPT, (xdrproc_t) INTUSE(xdr_cryptkeyarg),
145 (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
146 (char *) &res))
147 return -1;
148 if (res.status != KEY_SUCCESS)
150 debug ("decrypt status is nonzero");
151 return -1;
153 *deskey = res.cryptkeyres_u.deskey;
154 return 0;
158 key_encryptsession_pk (char *remotename, netobj *remotekey,
159 des_block *deskey)
161 cryptkeyarg2 arg;
162 cryptkeyres res;
164 arg.remotename = remotename;
165 arg.remotekey = *remotekey;
166 arg.deskey = *deskey;
167 if (!key_call ((u_long) KEY_ENCRYPT_PK, (xdrproc_t) INTUSE(xdr_cryptkeyarg2),
168 (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
169 (char *) &res))
170 return -1;
172 if (res.status != KEY_SUCCESS)
174 debug ("encrypt status is nonzero");
175 return -1;
177 *deskey = res.cryptkeyres_u.deskey;
178 return 0;
180 libc_hidden_def (key_encryptsession_pk)
183 key_decryptsession_pk (char *remotename, netobj *remotekey,
184 des_block *deskey)
186 cryptkeyarg2 arg;
187 cryptkeyres res;
189 arg.remotename = remotename;
190 arg.remotekey = *remotekey;
191 arg.deskey = *deskey;
192 if (!key_call ((u_long) KEY_DECRYPT_PK, (xdrproc_t) INTUSE(xdr_cryptkeyarg2),
193 (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
194 (char *) &res))
195 return -1;
197 if (res.status != KEY_SUCCESS)
199 debug ("decrypt status is nonzero");
200 return -1;
202 *deskey = res.cryptkeyres_u.deskey;
203 return 0;
205 libc_hidden_def (key_decryptsession_pk)
208 key_gendes (des_block *key)
210 struct sockaddr_in sin;
211 CLIENT *client;
212 int socket;
213 enum clnt_stat stat;
215 sin.sin_family = AF_INET;
216 sin.sin_port = 0;
217 sin.sin_addr.s_addr = htonl (INADDR_LOOPBACK);
218 __bzero (sin.sin_zero, sizeof (sin.sin_zero));
219 socket = RPC_ANYSOCK;
220 client = INTUSE(clntudp_bufcreate) (&sin, (u_long) KEY_PROG,
221 (u_long) KEY_VERS, trytimeout, &socket,
222 RPCSMALLMSGSIZE, RPCSMALLMSGSIZE);
223 if (client == NULL)
224 return -1;
226 stat = clnt_call (client, KEY_GEN, (xdrproc_t) INTUSE(xdr_void), NULL,
227 (xdrproc_t) INTUSE(xdr_des_block), (caddr_t) key,
228 tottimeout);
229 clnt_destroy (client);
230 __close (socket);
231 if (stat != RPC_SUCCESS)
232 return -1;
234 return 0;
236 libc_hidden_def (key_gendes)
239 key_setnet (struct key_netstarg *arg)
241 keystatus status;
243 if (!key_call ((u_long) KEY_NET_PUT, (xdrproc_t) INTUSE(xdr_key_netstarg),
244 (char *) arg,(xdrproc_t) INTUSE(xdr_keystatus),
245 (char *) &status))
246 return -1;
248 if (status != KEY_SUCCESS)
250 debug ("key_setnet status is nonzero");
251 return -1;
253 return 1;
257 key_get_conv (char *pkey, des_block *deskey)
259 cryptkeyres res;
261 if (!key_call ((u_long) KEY_GET_CONV, (xdrproc_t) INTUSE(xdr_keybuf), pkey,
262 (xdrproc_t) INTUSE(xdr_cryptkeyres), (char *) &res))
263 return -1;
265 if (res.status != KEY_SUCCESS)
267 debug ("get_conv status is nonzero");
268 return -1;
270 *deskey = res.cryptkeyres_u.deskey;
271 return 0;
275 * Hack to allow the keyserver to use AUTH_DES (for authenticated
276 * NIS+ calls, for example). The only functions that get called
277 * are key_encryptsession_pk, key_decryptsession_pk, and key_gendes.
279 * The approach is to have the keyserver fill in pointers to local
280 * implementations of these functions, and to call those in key_call().
283 cryptkeyres *(*__key_encryptsession_pk_LOCAL) (uid_t, char *);
284 cryptkeyres *(*__key_decryptsession_pk_LOCAL) (uid_t, char *);
285 des_block *(*__key_gendes_LOCAL) (uid_t, char *);
287 #ifndef SO_PASSCRED
288 static int
289 internal_function
290 key_call_keyenvoy (u_long proc, xdrproc_t xdr_arg, char *arg,
291 xdrproc_t xdr_rslt, char *rslt)
293 XDR xdrargs;
294 XDR xdrrslt;
295 FILE *fargs;
296 FILE *frslt;
297 sigset_t oldmask, mask;
298 union wait status;
299 int pid;
300 int success;
301 uid_t ruid;
302 uid_t euid;
303 static const char MESSENGER[] = "/usr/etc/keyenvoy";
305 success = 1;
306 sigemptyset (&mask);
307 sigaddset (&mask, SIGCHLD);
308 __sigprocmask (SIG_BLOCK, &mask, &oldmask);
311 * We are going to exec a set-uid program which makes our effective uid
312 * zero, and authenticates us with our real uid. We need to make the
313 * effective uid be the real uid for the setuid program, and
314 * the real uid be the effective uid so that we can change things back.
316 euid = __geteuid ();
317 ruid = __getuid ();
318 __setreuid (euid, ruid);
319 pid = _openchild (MESSENGER, &fargs, &frslt);
320 __setreuid (ruid, euid);
321 if (pid < 0)
323 debug ("open_streams");
324 __sigprocmask (SIG_SETMASK, &oldmask, NULL);
325 return (0);
327 xdrstdio_create (&xdrargs, fargs, XDR_ENCODE);
328 xdrstdio_create (&xdrrslt, frslt, XDR_DECODE);
330 if (!INTUSE(xdr_u_long) (&xdrargs, &proc) || !(*xdr_arg) (&xdrargs, arg))
332 debug ("xdr args");
333 success = 0;
335 fclose (fargs);
337 if (success && !(*xdr_rslt) (&xdrrslt, rslt))
339 debug ("xdr rslt");
340 success = 0;
342 fclose(frslt);
344 wait_again:
345 if (__wait4 (pid, &status, 0, NULL) < 0)
347 if (errno == EINTR)
348 goto wait_again;
349 debug ("wait4");
350 if (errno == ECHILD || errno == ESRCH)
351 perror ("wait");
352 else
353 success = 0;
355 else
356 if (status.w_retcode)
358 debug ("wait4 1");
359 success = 0;
361 __sigprocmask (SIG_SETMASK, &oldmask, NULL);
363 return success;
365 #endif
367 struct key_call_private {
368 CLIENT *client; /* Client handle */
369 pid_t pid; /* process-id at moment of creation */
370 uid_t uid; /* user-id at last authorization */
372 #ifdef _RPC_THREAD_SAFE_
373 #define key_call_private_main RPC_THREAD_VARIABLE(key_call_private_s)
374 #else
375 static struct key_call_private *key_call_private_main;
376 #endif
377 __libc_lock_define_initialized (static, keycall_lock)
380 * Keep the handle cached. This call may be made quite often.
382 static CLIENT *
383 getkeyserv_handle (int vers)
385 struct key_call_private *kcp = key_call_private_main;
386 struct timeval wait_time;
387 int fd;
388 struct sockaddr_un name;
389 int namelen = sizeof(struct sockaddr_un);
391 #define TOTAL_TIMEOUT 30 /* total timeout talking to keyserver */
392 #define TOTAL_TRIES 5 /* Number of tries */
394 if (kcp == (struct key_call_private *)NULL)
396 kcp = (struct key_call_private *)malloc (sizeof (*kcp));
397 if (kcp == (struct key_call_private *)NULL)
398 return (CLIENT *) NULL;
400 key_call_private_main = kcp;
401 kcp->client = NULL;
404 /* if pid has changed, destroy client and rebuild */
405 if (kcp->client != NULL && kcp->pid != __getpid ())
407 clnt_destroy (kcp->client);
408 kcp->client = NULL;
411 if (kcp->client != NULL)
413 /* if other side closed socket, build handle again */
414 clnt_control (kcp->client, CLGET_FD, (char *)&fd);
415 if (__getpeername (fd,(struct sockaddr *)&name,&namelen) == -1)
417 auth_destroy (kcp->client->cl_auth);
418 clnt_destroy (kcp->client);
419 kcp->client = NULL;
423 if (kcp->client != NULL)
425 /* if uid has changed, build client handle again */
426 if (kcp->uid != __geteuid ())
428 kcp->uid = __geteuid ();
429 auth_destroy (kcp->client->cl_auth);
430 kcp->client->cl_auth =
431 INTUSE(authunix_create) ((char *)"", kcp->uid, 0, 0, NULL);
432 if (kcp->client->cl_auth == NULL)
434 clnt_destroy (kcp->client);
435 kcp->client = NULL;
436 return ((CLIENT *) NULL);
439 /* Change the version number to the new one */
440 clnt_control (kcp->client, CLSET_VERS, (void *)&vers);
441 return kcp->client;
444 if ((kcp->client == (CLIENT *) NULL))
445 /* Use the AF_UNIX transport */
446 kcp->client = INTUSE(clnt_create) ("/var/run/keyservsock", KEY_PROG, vers,
447 "unix");
449 if (kcp->client == (CLIENT *) NULL)
450 return (CLIENT *) NULL;
452 kcp->uid = __geteuid ();
453 kcp->pid = __getpid ();
454 kcp->client->cl_auth = INTUSE(authunix_create) ((char *)"", kcp->uid, 0, 0,
455 NULL);
456 if (kcp->client->cl_auth == NULL)
458 clnt_destroy (kcp->client);
459 kcp->client = NULL;
460 return (CLIENT *) NULL;
463 wait_time.tv_sec = TOTAL_TIMEOUT/TOTAL_TRIES;
464 wait_time.tv_usec = 0;
465 clnt_control (kcp->client, CLSET_RETRY_TIMEOUT,
466 (char *)&wait_time);
467 if (clnt_control (kcp->client, CLGET_FD, (char *)&fd))
468 __fcntl (fd, F_SETFD, 1); /* make it "close on exec" */
470 return kcp->client;
473 /* returns 0 on failure, 1 on success */
474 static int
475 internal_function
476 key_call_socket (u_long proc, xdrproc_t xdr_arg, char *arg,
477 xdrproc_t xdr_rslt, char *rslt)
479 CLIENT *clnt;
480 struct timeval wait_time;
481 int result = 0;
483 __libc_lock_lock (keycall_lock);
484 if ((proc == KEY_ENCRYPT_PK) || (proc == KEY_DECRYPT_PK) ||
485 (proc == KEY_NET_GET) || (proc == KEY_NET_PUT) ||
486 (proc == KEY_GET_CONV))
487 clnt = getkeyserv_handle(2); /* talk to version 2 */
488 else
489 clnt = getkeyserv_handle(1); /* talk to version 1 */
491 if (clnt != NULL)
493 wait_time.tv_sec = TOTAL_TIMEOUT;
494 wait_time.tv_usec = 0;
496 if (clnt_call (clnt, proc, xdr_arg, arg, xdr_rslt, rslt,
497 wait_time) == RPC_SUCCESS)
498 result = 1;
501 __libc_lock_unlock (keycall_lock);
503 return result;
506 #ifdef HAVE_DOORS
507 /* returns 0 on failure, 1 on success */
508 static int
509 internal_function
510 key_call_door (u_long proc, xdrproc_t xdr_arg, char *arg,
511 xdrproc_t xdr_rslt, char *rslt)
513 XDR xdrs;
514 int fd, ret;
515 door_arg_t args;
516 char *data_ptr;
517 u_long data_len = 0;
518 char res[255];
520 if ((fd = open("/var/run/keyservdoor", O_RDONLY)) < 0)
521 return 0;
522 res[0] = 0;
524 data_len = xdr_sizeof (xdr_arg, arg);
525 data_ptr = calloc (1, data_len + 2 * sizeof (u_long));
526 if (data_ptr == NULL)
527 return 0;
529 INTUSE(xdrmem_create) (&xdrs, &data_ptr[2 * sizeof (u_long)], data_len,
530 XDR_ENCODE);
531 if (!xdr_arg (&xdrs, arg))
533 xdr_destroy (&xdrs);
534 free (data_ptr);
535 return 0;
537 xdr_destroy (&xdrs);
539 memcpy (data_ptr, &proc, sizeof (u_long));
540 memcpy (&data_ptr[sizeof (proc)], &data_len, sizeof (u_long));
542 args.data_ptr = data_ptr;
543 args.data_size = data_len + 2 * sizeof (u_long);
544 args.desc_ptr = NULL;
545 args.desc_num = 0;
546 args.rbuf = res;
547 args.rsize = sizeof (res);
549 ret = __door_call (fd, &args);
550 free (data_ptr);
551 close (fd);
553 if (ret < 0)
554 return 0;
556 memcpy (&data_len, args.data_ptr, sizeof (u_long));
557 if (data_len != 0)
558 return 0;
560 memcpy (&data_len, &args.data_ptr[sizeof (u_long)], sizeof (u_long));
561 INTUSE(xdrmem_create) (&xdrs, &args.data_ptr[2 * sizeof (u_long)],
562 data_len, XDR_DECODE);
563 if (!xdr_rslt (&xdrs, rslt))
565 xdr_destroy (&xdrs);
566 return 0;
568 xdr_destroy (&xdrs);
570 return 1;
572 #endif
574 /* returns 0 on failure, 1 on success */
575 static int
576 internal_function
577 key_call (u_long proc, xdrproc_t xdr_arg, char *arg,
578 xdrproc_t xdr_rslt, char *rslt)
580 #ifndef SO_PASSCRED
581 static int use_keyenvoy;
582 #endif
583 #ifdef HAVE_DOORS
584 static int not_use_doors;
585 #endif
587 if (proc == KEY_ENCRYPT_PK && __key_encryptsession_pk_LOCAL)
589 cryptkeyres *res;
590 res = (*__key_encryptsession_pk_LOCAL) (__geteuid (), arg);
591 *(cryptkeyres *) rslt = *res;
592 return 1;
594 else if (proc == KEY_DECRYPT_PK && __key_decryptsession_pk_LOCAL)
596 cryptkeyres *res;
597 res = (*__key_decryptsession_pk_LOCAL) (__geteuid (), arg);
598 *(cryptkeyres *) rslt = *res;
599 return 1;
601 else if (proc == KEY_GEN && __key_gendes_LOCAL)
603 des_block *res;
604 res = (*__key_gendes_LOCAL) (__geteuid (), 0);
605 *(des_block *) rslt = *res;
606 return 1;
609 #ifdef HAVE_DOORS
610 if (!not_use_doors)
612 if (key_call_door (proc, xdr_arg, arg, xdr_rslt, rslt))
613 return 1;
614 not_use_doors = 1;
616 #endif
618 #ifdef SO_PASSCRED
619 return key_call_socket (proc, xdr_arg, arg, xdr_rslt, rslt);
620 #else
621 if (!use_keyenvoy)
623 if (key_call_socket (proc, xdr_arg, arg, xdr_rslt, rslt))
624 return 1;
625 use_keyenvoy = 1;
627 return key_call_keyenvoy (proc, xdr_arg, arg, xdr_rslt, rslt);
628 #endif
631 #ifdef _RPC_THREAD_SAFE_
632 void
633 __rpc_thread_key_cleanup (void)
635 struct key_call_private *kcp = RPC_THREAD_VARIABLE(key_call_private_s);
637 if (kcp) {
638 if (kcp->client)
639 clnt_destroy(kcp->client);
640 free (kcp);
643 #endif /* _RPC_THREAD_SAFE_ */