2 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
3 * unrestricted use provided that this legend is included on all tape
4 * media and as a part of the software program in whole or part. Users
5 * may copy or modify Sun RPC without charge, but are not authorized
6 * to license or distribute it to anyone else except as part of a product or
7 * program developed by the user.
9 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
10 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
11 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
13 * Sun RPC is provided with no support and without any obligation on the
14 * part of Sun Microsystems, Inc. to assist in its use, correction,
15 * modification or enhancement.
17 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
18 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
19 * OR ANY PART THEREOF.
21 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
22 * or profits or other special, indirect and consequential damages, even if
23 * Sun has been advised of the possibility of such damages.
25 * Sun Microsystems, Inc.
27 * Mountain View, California 94043
30 * Copyright (c) 1988 by Sun Microsystems, Inc.
33 * The original source is from the RPCSRC 4.0 package from Sun Microsystems.
34 * The Interface to keyserver protocoll 2, RPC over AF_UNIX and Linux/doors
35 * was added by Thorsten Kukuk <kukuk@suse.de>
36 * Since the Linux/doors project was stopped, I doubt that this code will
37 * ever be useful <kukuk@suse.de>.
49 #include <sys/param.h>
50 #include <sys/socket.h>
51 #include <rpc/key_prot.h>
52 #include <bits/libc-lock.h>
55 # include "door/door.h"
58 #define KEY_TIMEOUT 5 /* per-try timeout in seconds */
59 #define KEY_NRETRY 12 /* number of retries */
61 #define debug(msg) /* turn off debugging */
64 extern int _openchild (const char *command, FILE **fto, FILE **ffrom);
67 static int key_call (u_long, xdrproc_t xdr_arg, char *,
68 xdrproc_t xdr_rslt, char *) internal_function;
70 static const struct timeval trytimeout = {KEY_TIMEOUT, 0};
71 static const struct timeval tottimeout = {KEY_TIMEOUT *KEY_NRETRY, 0};
74 key_setsecret (char *secretkey)
78 if (!key_call ((u_long) KEY_SET, (xdrproc_t) INTUSE(xdr_keybuf), secretkey,
79 (xdrproc_t) INTUSE(xdr_keystatus), (char *) &status))
81 if (status != KEY_SUCCESS)
83 debug ("set status is nonzero");
89 /* key_secretkey_is_set() returns 1 if the keyserver has a secret key
90 * stored for the caller's effective uid; it returns 0 otherwise
92 * N.B.: The KEY_NET_GET key call is undocumented. Applications shouldn't
93 * be using it, because it allows them to get the user's secret key.
96 key_secretkey_is_set (void)
98 struct key_netstres kres;
100 memset (&kres, 0, sizeof (kres));
101 if (key_call ((u_long) KEY_NET_GET, (xdrproc_t) INTUSE(xdr_void),
102 (char *) NULL, (xdrproc_t) INTUSE(xdr_key_netstres),
104 (kres.status == KEY_SUCCESS) &&
105 (kres.key_netstres_u.knet.st_priv_key[0] != 0))
107 /* avoid leaving secret key in memory */
108 memset (kres.key_netstres_u.knet.st_priv_key, 0, HEXKEYBYTES);
115 key_encryptsession (char *remotename, des_block *deskey)
120 arg.remotename = remotename;
121 arg.deskey = *deskey;
122 if (!key_call ((u_long) KEY_ENCRYPT, (xdrproc_t) INTUSE(xdr_cryptkeyarg),
123 (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
127 if (res.status != KEY_SUCCESS)
129 debug ("encrypt status is nonzero");
132 *deskey = res.cryptkeyres_u.deskey;
137 key_decryptsession (char *remotename, des_block *deskey)
142 arg.remotename = remotename;
143 arg.deskey = *deskey;
144 if (!key_call ((u_long) KEY_DECRYPT, (xdrproc_t) INTUSE(xdr_cryptkeyarg),
145 (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
148 if (res.status != KEY_SUCCESS)
150 debug ("decrypt status is nonzero");
153 *deskey = res.cryptkeyres_u.deskey;
158 key_encryptsession_pk (char *remotename, netobj *remotekey,
164 arg.remotename = remotename;
165 arg.remotekey = *remotekey;
166 arg.deskey = *deskey;
167 if (!key_call ((u_long) KEY_ENCRYPT_PK, (xdrproc_t) INTUSE(xdr_cryptkeyarg2),
168 (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
172 if (res.status != KEY_SUCCESS)
174 debug ("encrypt status is nonzero");
177 *deskey = res.cryptkeyres_u.deskey;
180 libc_hidden_def (key_encryptsession_pk)
183 key_decryptsession_pk (char *remotename, netobj *remotekey,
189 arg.remotename = remotename;
190 arg.remotekey = *remotekey;
191 arg.deskey = *deskey;
192 if (!key_call ((u_long) KEY_DECRYPT_PK, (xdrproc_t) INTUSE(xdr_cryptkeyarg2),
193 (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
197 if (res.status != KEY_SUCCESS)
199 debug ("decrypt status is nonzero");
202 *deskey = res.cryptkeyres_u.deskey;
205 libc_hidden_def (key_decryptsession_pk)
208 key_gendes (des_block *key)
210 struct sockaddr_in sin;
215 sin.sin_family = AF_INET;
217 sin.sin_addr.s_addr = htonl (INADDR_LOOPBACK);
218 __bzero (sin.sin_zero, sizeof (sin.sin_zero));
219 socket = RPC_ANYSOCK;
220 client = INTUSE(clntudp_bufcreate) (&sin, (u_long) KEY_PROG,
221 (u_long) KEY_VERS, trytimeout, &socket,
222 RPCSMALLMSGSIZE, RPCSMALLMSGSIZE);
226 stat = clnt_call (client, KEY_GEN, (xdrproc_t) INTUSE(xdr_void), NULL,
227 (xdrproc_t) INTUSE(xdr_des_block), (caddr_t) key,
229 clnt_destroy (client);
231 if (stat != RPC_SUCCESS)
236 libc_hidden_def (key_gendes)
239 key_setnet (struct key_netstarg *arg)
243 if (!key_call ((u_long) KEY_NET_PUT, (xdrproc_t) INTUSE(xdr_key_netstarg),
244 (char *) arg,(xdrproc_t) INTUSE(xdr_keystatus),
248 if (status != KEY_SUCCESS)
250 debug ("key_setnet status is nonzero");
257 key_get_conv (char *pkey, des_block *deskey)
261 if (!key_call ((u_long) KEY_GET_CONV, (xdrproc_t) INTUSE(xdr_keybuf), pkey,
262 (xdrproc_t) INTUSE(xdr_cryptkeyres), (char *) &res))
265 if (res.status != KEY_SUCCESS)
267 debug ("get_conv status is nonzero");
270 *deskey = res.cryptkeyres_u.deskey;
275 * Hack to allow the keyserver to use AUTH_DES (for authenticated
276 * NIS+ calls, for example). The only functions that get called
277 * are key_encryptsession_pk, key_decryptsession_pk, and key_gendes.
279 * The approach is to have the keyserver fill in pointers to local
280 * implementations of these functions, and to call those in key_call().
283 cryptkeyres *(*__key_encryptsession_pk_LOCAL) (uid_t, char *);
284 cryptkeyres *(*__key_decryptsession_pk_LOCAL) (uid_t, char *);
285 des_block *(*__key_gendes_LOCAL) (uid_t, char *);
290 key_call_keyenvoy (u_long proc, xdrproc_t xdr_arg, char *arg,
291 xdrproc_t xdr_rslt, char *rslt)
297 sigset_t oldmask, mask;
303 static const char MESSENGER[] = "/usr/etc/keyenvoy";
307 sigaddset (&mask, SIGCHLD);
308 __sigprocmask (SIG_BLOCK, &mask, &oldmask);
311 * We are going to exec a set-uid program which makes our effective uid
312 * zero, and authenticates us with our real uid. We need to make the
313 * effective uid be the real uid for the setuid program, and
314 * the real uid be the effective uid so that we can change things back.
318 __setreuid (euid, ruid);
319 pid = _openchild (MESSENGER, &fargs, &frslt);
320 __setreuid (ruid, euid);
323 debug ("open_streams");
324 __sigprocmask (SIG_SETMASK, &oldmask, NULL);
327 xdrstdio_create (&xdrargs, fargs, XDR_ENCODE);
328 xdrstdio_create (&xdrrslt, frslt, XDR_DECODE);
330 if (!INTUSE(xdr_u_long) (&xdrargs, &proc) || !(*xdr_arg) (&xdrargs, arg))
337 if (success && !(*xdr_rslt) (&xdrrslt, rslt))
345 if (__wait4 (pid, &status, 0, NULL) < 0)
350 if (errno == ECHILD || errno == ESRCH)
356 if (status.w_retcode)
361 __sigprocmask (SIG_SETMASK, &oldmask, NULL);
367 struct key_call_private {
368 CLIENT *client; /* Client handle */
369 pid_t pid; /* process-id at moment of creation */
370 uid_t uid; /* user-id at last authorization */
372 #ifdef _RPC_THREAD_SAFE_
373 #define key_call_private_main ((struct key_call_private *)RPC_THREAD_VARIABLE(key_call_private_s))
375 static struct key_call_private *key_call_private_main;
377 __libc_lock_define_initialized (static, keycall_lock)
380 * Keep the handle cached. This call may be made quite often.
383 getkeyserv_handle (int vers)
385 struct key_call_private *kcp = key_call_private_main;
386 struct timeval wait_time;
388 struct sockaddr_un name;
389 int namelen = sizeof(struct sockaddr_un);
391 #define TOTAL_TIMEOUT 30 /* total timeout talking to keyserver */
392 #define TOTAL_TRIES 5 /* Number of tries */
394 if (kcp == (struct key_call_private *)NULL)
396 kcp = (struct key_call_private *)malloc (sizeof (*kcp));
397 if (kcp == (struct key_call_private *)NULL)
398 return (CLIENT *) NULL;
400 key_call_private_main = kcp;
404 /* if pid has changed, destroy client and rebuild */
405 if (kcp->client != NULL && kcp->pid != __getpid ())
407 clnt_destroy (kcp->client);
411 if (kcp->client != NULL)
413 /* if other side closed socket, build handle again */
414 clnt_control (kcp->client, CLGET_FD, (char *)&fd);
415 if (__getpeername (fd,(struct sockaddr *)&name,&namelen) == -1)
417 auth_destroy (kcp->client->cl_auth);
418 clnt_destroy (kcp->client);
423 if (kcp->client != NULL)
425 /* if uid has changed, build client handle again */
426 if (kcp->uid != __geteuid ())
428 kcp->uid = __geteuid ();
429 auth_destroy (kcp->client->cl_auth);
430 kcp->client->cl_auth =
431 INTUSE(authunix_create) ((char *)"", kcp->uid, 0, 0, NULL);
432 if (kcp->client->cl_auth == NULL)
434 clnt_destroy (kcp->client);
436 return ((CLIENT *) NULL);
439 /* Change the version number to the new one */
440 clnt_control (kcp->client, CLSET_VERS, (void *)&vers);
444 if ((kcp->client == (CLIENT *) NULL))
445 /* Use the AF_UNIX transport */
446 kcp->client = INTUSE(clnt_create) ("/var/run/keyservsock", KEY_PROG, vers,
449 if (kcp->client == (CLIENT *) NULL)
450 return (CLIENT *) NULL;
452 kcp->uid = __geteuid ();
453 kcp->pid = __getpid ();
454 kcp->client->cl_auth = INTUSE(authunix_create) ((char *)"", kcp->uid, 0, 0,
456 if (kcp->client->cl_auth == NULL)
458 clnt_destroy (kcp->client);
460 return (CLIENT *) NULL;
463 wait_time.tv_sec = TOTAL_TIMEOUT/TOTAL_TRIES;
464 wait_time.tv_usec = 0;
465 clnt_control (kcp->client, CLSET_RETRY_TIMEOUT,
467 if (clnt_control (kcp->client, CLGET_FD, (char *)&fd))
468 __fcntl (fd, F_SETFD, 1); /* make it "close on exec" */
473 /* returns 0 on failure, 1 on success */
476 key_call_socket (u_long proc, xdrproc_t xdr_arg, char *arg,
477 xdrproc_t xdr_rslt, char *rslt)
480 struct timeval wait_time;
483 __libc_lock_lock (keycall_lock);
484 if ((proc == KEY_ENCRYPT_PK) || (proc == KEY_DECRYPT_PK) ||
485 (proc == KEY_NET_GET) || (proc == KEY_NET_PUT) ||
486 (proc == KEY_GET_CONV))
487 clnt = getkeyserv_handle(2); /* talk to version 2 */
489 clnt = getkeyserv_handle(1); /* talk to version 1 */
493 wait_time.tv_sec = TOTAL_TIMEOUT;
494 wait_time.tv_usec = 0;
496 if (clnt_call (clnt, proc, xdr_arg, arg, xdr_rslt, rslt,
497 wait_time) == RPC_SUCCESS)
501 __libc_lock_unlock (keycall_lock);
507 /* returns 0 on failure, 1 on success */
510 key_call_door (u_long proc, xdrproc_t xdr_arg, char *arg,
511 xdrproc_t xdr_rslt, char *rslt)
520 if ((fd = open("/var/run/keyservdoor", O_RDONLY)) < 0)
524 data_len = xdr_sizeof (xdr_arg, arg);
525 data_ptr = calloc (1, data_len + 2 * sizeof (u_long));
526 if (data_ptr == NULL)
529 INTUSE(xdrmem_create) (&xdrs, &data_ptr[2 * sizeof (u_long)], data_len,
531 if (!xdr_arg (&xdrs, arg))
539 memcpy (data_ptr, &proc, sizeof (u_long));
540 memcpy (&data_ptr[sizeof (proc)], &data_len, sizeof (u_long));
542 args.data_ptr = data_ptr;
543 args.data_size = data_len + 2 * sizeof (u_long);
544 args.desc_ptr = NULL;
547 args.rsize = sizeof (res);
549 ret = __door_call (fd, &args);
556 memcpy (&data_len, args.data_ptr, sizeof (u_long));
560 memcpy (&data_len, &args.data_ptr[sizeof (u_long)], sizeof (u_long));
561 INTUSE(xdrmem_create) (&xdrs, &args.data_ptr[2 * sizeof (u_long)],
562 data_len, XDR_DECODE);
563 if (!xdr_rslt (&xdrs, rslt))
574 /* returns 0 on failure, 1 on success */
577 key_call (u_long proc, xdrproc_t xdr_arg, char *arg,
578 xdrproc_t xdr_rslt, char *rslt)
581 static int use_keyenvoy;
584 static int not_use_doors;
587 if (proc == KEY_ENCRYPT_PK && __key_encryptsession_pk_LOCAL)
590 res = (*__key_encryptsession_pk_LOCAL) (__geteuid (), arg);
591 *(cryptkeyres *) rslt = *res;
594 else if (proc == KEY_DECRYPT_PK && __key_decryptsession_pk_LOCAL)
597 res = (*__key_decryptsession_pk_LOCAL) (__geteuid (), arg);
598 *(cryptkeyres *) rslt = *res;
601 else if (proc == KEY_GEN && __key_gendes_LOCAL)
604 res = (*__key_gendes_LOCAL) (__geteuid (), 0);
605 *(des_block *) rslt = *res;
612 if (key_call_door (proc, xdr_arg, arg, xdr_rslt, rslt))
619 return key_call_socket (proc, xdr_arg, arg, xdr_rslt, rslt);
623 if (key_call_socket (proc, xdr_arg, arg, xdr_rslt, rslt))
627 return key_call_keyenvoy (proc, xdr_arg, arg, xdr_rslt, rslt);
631 #ifdef _RPC_THREAD_SAFE_
633 __rpc_thread_key_cleanup (void)
635 struct key_call_private *kcp = RPC_THREAD_VARIABLE(key_call_private_s);
639 clnt_destroy(kcp->client);
643 #endif /* _RPC_THREAD_SAFE_ */