/*
* Copyright 2000, International Business Machines Corporation and others.
* All Rights Reserved.
- *
+ *
* This software has been released under the terms of the IBM Public
* License. For details, see the LICENSE file in the top-level source
* directory or online at http://www.openafs.org/dl/license10.html
#include <afsconfig.h>
#include <afs/param.h>
+#include <afs/stds.h>
-RCSID
- ("$Header$");
+#include <roken.h>
+
+#ifdef IGNORE_SOME_GCC_WARNINGS
+# pragma GCC diagnostic warning "-Wdeprecated-declarations"
+#endif
-#include <afs/stds.h>
-#include <sys/types.h>
-#include <errno.h>
#ifdef AFS_NT40_ENV
-#include <winsock2.h>
#include <afs/errmap_nt.h>
-#define snprintf _snprintf
-#else
-#include <sys/socket.h>
-#include <netdb.h>
-#include <netinet/in.h>
#endif
-#include <string.h>
-#include <afs/afsutil.h>
-#include <time.h>
+
+#define HC_DEPRECATED
+#include <hcrypto/des.h>
+
#include <afs/com_err.h>
#include <lwp.h>
-#include <des.h>
#include <rx/xdr.h>
#include <rx/rx.h>
#include <rx/rxkad.h>
+#include <rx/rxkad_convert.h>
#include <afs/auth.h>
#include <ubik.h>
#include "kauth.h"
#include "kautils.h"
+#include "kauth_internal.h"
#include "kaserver.h"
#include "prot.h" /* protocol definitions */
#include "kaport.h"
#include "afs/audit.h"
#include "kalog.h"
+#include "kadatabase.h"
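Review bot: `#define HC_DEPRECATED` ahead of `<hcrypto/des.h>` carries no comment, so nothing tells a reader that the dependency on single DES is deliberate rather than an oversight. The define presumably blanks the deprecation attribute hcrypto places on its DES prototypes (confirm against the header), while the pragma above it keeps `-Wdeprecated-declarations` at warning level. A one-line comment would record the intent, for example `/* DES-only legacy protocol: hcrypto's deprecation marking is suppressed here on purpose */`.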
/* my kerberos error codes */
#define KERB_ERR_BAD_MSG_TYPE 99
#define KDC_GEN_ERR 20
#endif
+#ifndef AFS_NT40_ENV
+#define closesocket close
+#endif
int krb_udp_debug = 0;
int fiveminutes = 300;
-static
-FiveMinuteCheckLWP()
+static void *
+FiveMinuteCheckLWP(void *unused)
{
printf("start 5 min check lwp\n");
/* close the log so it can be removed */
ReOpenLog(AFSDIR_SERVER_KALOG_FILEPATH); /* no trunc, just append */
}
+ return NULL;
}
static afs_int32
-create_cipher(cipher, cipherLen, sessionKey, sname, sinst, start, end, kvno,
- ticket, ticketLen, key)
- char *cipher;
- int *cipherLen;
- struct ktc_encryptionKey *sessionKey;
- char *sname;
- char *sinst;
- Date start, end;
- afs_int32 kvno;
- char *ticket;
- int ticketLen;
- struct ktc_encryptionKey *key;
+create_cipher(char *cipher, int *cipherLen,
+ struct ktc_encryptionKey *sessionKey, char *sname,
+ char *sinst, Date start, Date end, afs_int32 kvno,
+ char *ticket, int ticketLen, struct ktc_encryptionKey *key)
{
char *answer;
int slen;
unsigned char life = time_to_life(start, end);
int len;
- des_key_schedule schedule;
+ DES_key_schedule schedule;
afs_int32 code;
answer = cipher;
printf("\n");
}
- if (code = des_key_sched(key, schedule))
+ if ((code = DES_key_sched(ktc_to_cblock(key), &schedule)))
printf("In KAAuthenticate: key_sched returned %d\n", code);
- des_pcbc_encrypt(cipher, cipher, len, schedule, key, ENCRYPT);
+ DES_pcbc_encrypt(cipher, cipher, len, &schedule, ktc_to_cblockptr(key), ENCRYPT);
*cipherLen = round_up_to_ebs(len);
if (krb_udp_debug) {
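Review bot: A failed key schedule in create_cipher is only logged: after `if ((code = DES_key_sched(ktc_to_cblock(key), &schedule)))` prints its message, `DES_pcbc_encrypt` still runs with whatever `schedule` holds. Bailing out keeps a reply from being built with an unusable schedule, e.g. `if ((code = DES_key_sched(ktc_to_cblock(key), &schedule))) { printf("In KAAuthenticate: key_sched returned %d\n", code); return code; }`, though the right return value depends on what callers expect, and they are not visible here. The converted call in check_auth, `DES_key_sched(ktc_to_cblock(key), &schedule);`, discards the result entirely and has the same gap before its decrypt. Both function bodies continue outside their hunks.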
}
static afs_int32
-create_reply(ans, name, inst, startTime, endTime, kvno, cipher, cipherLen)
- struct packet *ans;
- char *name;
- char *inst;
- Date startTime, endTime;
- afs_int32 kvno;
- char *cipher;
- int cipherLen;
+create_reply(struct packet *ans, char *name, char *inst, Date startTime,
+ Date endTime, afs_int32 kvno, char *cipher, int cipherLen)
{
char *answer = ans->data;
int slen;
}
static afs_int32
-check_auth(pkt, auth, authLen, key, name, inst, cell)
- struct packet *pkt;
- char *auth;
- int authLen;
- struct ktc_encryptionKey *key;
- char *name;
- char *inst;
- char *cell;
+check_auth(struct packet *pkt, char *auth, int authLen,
+ struct ktc_encryptionKey *key, char *name, char *inst,
+ char *cell)
{
char *packet;
- des_key_schedule schedule;
+ DES_key_schedule schedule;
afs_int32 cksum;
- /* unsigned char time_msec; */
afs_int32 time_sec;
int byteOrder = pkt->byteOrder;
- des_key_sched(key, schedule);
- des_pcbc_encrypt(auth, auth, authLen, schedule, key, DECRYPT);
+ DES_key_sched(ktc_to_cblock(key), &schedule);
+ DES_pcbc_encrypt(auth, auth, authLen, &schedule, ktc_to_cblockptr(key), DECRYPT);
packet = auth;
if (strcmp(packet, name) != 0)
return KABADTICKET;
return KABADTICKET;
packet += strlen(packet) + 1;
getint(cksum);
- /* time_msec = */ *(unsigned char *)packet++;
+ /* Comments in the original IBM source suggest this byte was/is "time_msec" */
+ packet++;
getint(time_sec);
if ((packet - auth) > authLen)
return KABADTICKET;
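Review bot: The only length check visible in this part of check_auth, `if ((packet - auth) > authLen)`, runs after the fields have already been read. `strcmp(packet, name)` and `packet += strlen(packet) + 1` scan the decrypted buffer until they meet a NUL, and the `getint` calls advance past that, so nothing visible here keeps those reads within `authLen` bytes. Because `auth` appears to be request data decrypted in place, its plaintext is not guaranteed to hold a terminator, and each string step should be bounded first, for instance by requiring `memchr(packet, '\0', authLen - (packet - auth))` to succeed before comparing. The function starts and ends outside the hunk.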
}
afs_int32
-UDP_Authenticate(ksoc, client, name, inst, startTime, endTime, sname, sinst)
- int ksoc;
- struct sockaddr_in *client;
- char *name;
- char *inst;
- Date startTime;
- Date endTime;
- char *sname;
- char *sinst;
+UDP_Authenticate(int ksoc, struct sockaddr_in *client, char *name,
+ char *inst, Date startTime, Date endTime, char *sname,
+ char *sinst)
{
struct ubik_trans *tt;
afs_int32 to; /* offset of block */
COUNT_REQ(UAuthenticate);
if (!name_instance_legal(name, inst))
return KERB_ERR_NAME_EXP; /* KABADNAME */
- if (code = InitAuthServ(&tt, LOCKREAD, this_op))
+ if ((code = InitAuthServ(&tt, LOCKREAD, this_op)))
return code;
code = FindBlock(tt, name, inst, &to, &tentry);
code = KERB_ERR_NAME_EXP; /* XXX Could use another error code XXX */
goto abort;
}
- if (abs(startTime - now) > KTC_TIME_UNCERTAINTY) {
+ if (startTime - now > KTC_TIME_UNCERTAINTY) {
code = KERB_ERR_SERVICE_EXP; /* was KABADREQUEST */
goto abort;
}
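Review bot: Dropping `abs()` from the test `startTime - now > KTC_TIME_UNCERTAINTY` in UDP_Authenticate changes which requests pass the clock-skew check, not only the compiler warning. The old form rejected a start time more than KTC_TIME_UNCERTAINTY away from `now` in either direction. The new form depends on operand types this hunk does not show: with a signed difference a start time arbitrarily far in the past is now accepted, and with an unsigned one any start time even slightly before `now` wraps to a large value and is rejected. If the two-sided window is still intended, state it explicitly, e.g. `if (startTime > now + KTC_TIME_UNCERTAINTY || now > startTime + KTC_TIME_UNCERTAINTY) {`. The function body continues outside the hunk.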
afs_uint32 temp; /* unsigned for safety */
afs_uint32 pwexpires;
- temp = ntohl(*((afs_int32 *) (tentry.misc_auth_bytes)));
+ memcpy(&temp, tentry.misc_auth_bytes, sizeof(afs_uint32));
+ temp = ntohl(temp);
unpack_long(temp, misc_auth_bytes);
pwexpires = misc_auth_bytes[0];
if (pwexpires) {
}
/* make the ticket */
- code = des_random_key(&sessionKey);
+ code = DES_new_random_key(ktc_to_cblock(&sessionKey));
if (code) {
code = KERB_ERR_NULL_KEY; /* was KANOKEYS */
goto abort;
}
afs_int32
-UDP_GetTicket(ksoc, pkt, kvno, authDomain, ticket, ticketLen, auth, authLen)
- int ksoc;
- struct packet *pkt;
- afs_int32 kvno;
- char *authDomain;
- char *ticket;
- int ticketLen;
- char *auth;
- int authLen;
+UDP_GetTicket(int ksoc, struct packet *pkt, afs_int32 kvno,
+ char *authDomain, char *ticket, int ticketLen, char *auth,
+ int authLen)
{
afs_int32 code;
struct ktc_encryptionKey tgskey;
COUNT_REQ(UGetTicket);
- if (code = InitAuthServ(&tt, LOCKREAD, this_op))
+ if ((code = InitAuthServ(&tt, LOCKREAD, this_op)))
goto fail;
code =
ka_LookupKvno(tt, KA_TGS_NAME,
if (ntohl(server.flags) & KAFNOSEAL)
return KABADSERVER;
- code = des_random_key(&sessionKey);
+ code = DES_new_random_key(ktc_to_cblock(&sessionKey));
if (code) {
code = KERB_ERR_NULL_KEY; /* was KANOKEYS */
goto fail;
}
static int
-err_packet(ksoc, pkt, code, reason)
- int ksoc;
- struct packet *pkt;
- afs_int32 code;
- char *reason;
+err_packet(int ksoc, struct packet *pkt, afs_int32 code, char *reason)
{
struct packet ans;
char *answer = ans.data;
}
int
-process_udp_auth(ksoc, pkt)
- int ksoc;
- struct packet *pkt;
+process_udp_auth(int ksoc, struct packet *pkt)
{
char *packet = pkt->rest;
char name[MAXKTCNAMELEN];
}
int
-process_udp_appl(ksoc, pkt)
- int ksoc;
- struct packet *pkt;
+process_udp_appl(int ksoc, struct packet *pkt)
{
char *packet = pkt->rest;
afs_int32 kvno;
}
void
-process_udp_request(ksoc, pkt)
- int ksoc;
- struct packet *pkt;
+process_udp_request(int ksoc, struct packet *pkt)
{
char *packet = pkt->data;
unsigned char version, auth_msg_type;
return;
}
-static
-SocketListener()
+static void *
+SocketListener(void *unused)
{
fd_set rfds;
struct timeval tv;
struct packet packet;
- int fromLen;
+ socklen_t fromLen;
afs_int32 code;
+ char hoststr[16];
printf("Starting to listen for UDP packets\n");
while (1) {
packet.len = code;
if (krb_udp_debug) {
printf("Kerb:udp: Got %d bytes from addr %s which are '",
- code, afs_inet_ntoa(packet.from.sin_addr.s_addr));
+ code, afs_inet_ntoa_r(packet.from.sin_addr.s_addr, hoststr));
ka_PrintBytes(packet.data, packet.len);
printf("'\n");
}
packet.len = code;
if (krb_udp_debug) {
printf("Kerb5:udp: Got %d bytes from addr %s which are '",
- code, afs_inet_ntoa(packet.from.sin_addr.s_addr));
+ code, afs_inet_ntoa_r(packet.from.sin_addr.s_addr, hoststr));
ka_PrintBytes(packet.data, packet.len);
printf("'\n");
}
}
}
if (sock_kerb >= 0) {
- close(sock_kerb);
+ closesocket(sock_kerb);
sock_kerb = -1;
}
if (sock_kerb5 >= 0) {
- close(sock_kerb5);
+ closesocket(sock_kerb5);
sock_kerb5 = -1;
}
printf("UDP SocketListener exiting due to error\n");
+
+ return NULL;
}
#if MAIN
#include "AFS_component_version_number.c"
-main()
+int
+main(int, char **)
#else
afs_int32
-init_krb_udp()
+init_krb_udp(void)
#endif
{
struct sockaddr_in taddr;
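Review bot: The new `main(int, char **)` definition under `#if MAIN` omits its parameter names, which C accepts in a function definition only from C23 onward; earlier compilers diagnose it as an omitted parameter name. The alternative signature that shares this body is `init_krb_udp(void)`, so the body presumably uses no arguments and `main(void)` would be the simplest form. Otherwise name them, `main(int argc, char **argv)`. The body continues outside the hunk.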
strcpy(tentry->userID.name, aname);
strcpy(tentry->userID.instance, ainstance);
tentry->key_version = htonl(17);
- des_string_to_key("toa", &tentry->key);
+ DES_string_to_key("toa", &tentry->key);
tentry->flags = htonl(KAFNORMAL);
tentry->user_expiration = htonl(NEVERDATE);
tentry->max_ticket_lifetime = htonl(MAXKTCTICKETLIFETIME);
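Review bot: `DES_string_to_key("toa", &tentry->key)` passes the key's address straight through, whereas the other converted calls in this commit go through `ktc_to_cblock()`. If `tentry->key` is a `struct ktc_encryptionKey` like the keys elsewhere in the file (its declaration is not visible here), this is an incompatible-pointer argument that only works by layout coincidence. `DES_string_to_key("toa", ktc_to_cblock(&tentry->key));` would match the rest of the change. The same applies to the `"applexx"` calls on `key` and `tgskey` in the two following hunks.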
{
printf("Calling ka_LookupKey with '%s'.'%s'\n", name, inst);
*kvno = 23;
- des_string_to_key("applexx", key);
+ DES_string_to_key("applexx", key);
}
static afs_int32
printf("Called with wrong %s as authDomain\n", authDomain);
if (kvno != 23)
printf("kvno_tgs_key: being called with wrong kvno: %d\n", kvno);
- des_string_to_key("applexx", tgskey);
+ DES_string_to_key("applexx", tgskey);
return 0;
}