2 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
3 * unrestricted use provided that this legend is included on all tape
4 * media and as a part of the software program in whole or part. Users
5 * may copy or modify Sun RPC without charge, but are not authorized
6 * to license or distribute it to anyone else except as part of a product or
7 * program developed by the user.
9 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
10 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
11 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
13 * Sun RPC is provided with no support and without any obligation on the
14 * part of Sun Microsystems, Inc. to assist in its use, correction,
15 * modification or enhancement.
17 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
18 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
19 * OR ANY PART THEREOF.
21 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
22 * or profits or other special, indirect and consequential damages, even if
23 * Sun has been advised of the possibility of such damages.
25 * Sun Microsystems, Inc.
27 * Mountain View, California 94043
30 * Copyright (c) 1988 by Sun Microsystems, Inc.
33 * The original source is from the RPCSRC 4.0 package from Sun Microsystems.
34 * The Interface to keyserver protocoll 2, RPC over AF_UNIX and Linux/doors
35 * was added by Thorsten Kukuk <kukuk@suse.de>
36 * Since the Linux/doors project was stopped, I doubt that this code will
37 * ever be useful <kukuk@suse.de>.
49 #include <sys/param.h>
50 #include <sys/socket.h>
51 #include <rpc/key_prot.h>
52 #include <bits/libc-lock.h>
55 # include "door/door.h"
58 #define KEY_TIMEOUT 5 /* per-try timeout in seconds */
59 #define KEY_NRETRY 12 /* number of retries */
61 #define debug(msg) /* turn off debugging */
64 extern int _openchild (const char *command, FILE **fto, FILE **ffrom);
67 static int key_call (u_long, xdrproc_t xdr_arg, char *,
68 xdrproc_t xdr_rslt, char *) internal_function;
70 static const struct timeval trytimeout = {KEY_TIMEOUT, 0};
71 static const struct timeval tottimeout = {KEY_TIMEOUT *KEY_NRETRY, 0};
74 key_setsecret (char *secretkey)
78 if (!key_call ((u_long) KEY_SET, (xdrproc_t) INTUSE(xdr_keybuf), secretkey,
79 (xdrproc_t) INTUSE(xdr_keystatus), (char *) &status))
81 if (status != KEY_SUCCESS)
83 debug ("set status is nonzero");
89 /* key_secretkey_is_set() returns 1 if the keyserver has a secret key
90 * stored for the caller's effective uid; it returns 0 otherwise
92 * N.B.: The KEY_NET_GET key call is undocumented. Applications shouldn't
93 * be using it, because it allows them to get the user's secret key.
96 key_secretkey_is_set (void)
98 struct key_netstres kres;
100 memset (&kres, 0, sizeof (kres));
101 if (key_call ((u_long) KEY_NET_GET, (xdrproc_t) INTUSE(xdr_void),
102 (char *) NULL, (xdrproc_t) INTUSE(xdr_key_netstres),
104 (kres.status == KEY_SUCCESS) &&
105 (kres.key_netstres_u.knet.st_priv_key[0] != 0))
107 /* avoid leaving secret key in memory */
108 memset (kres.key_netstres_u.knet.st_priv_key, 0, HEXKEYBYTES);
115 key_encryptsession (char *remotename, des_block *deskey)
120 arg.remotename = remotename;
121 arg.deskey = *deskey;
122 if (!key_call ((u_long) KEY_ENCRYPT, (xdrproc_t) INTUSE(xdr_cryptkeyarg),
123 (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
127 if (res.status != KEY_SUCCESS)
129 debug ("encrypt status is nonzero");
132 *deskey = res.cryptkeyres_u.deskey;
137 key_decryptsession (char *remotename, des_block *deskey)
142 arg.remotename = remotename;
143 arg.deskey = *deskey;
144 if (!key_call ((u_long) KEY_DECRYPT, (xdrproc_t) INTUSE(xdr_cryptkeyarg),
145 (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
148 if (res.status != KEY_SUCCESS)
150 debug ("decrypt status is nonzero");
153 *deskey = res.cryptkeyres_u.deskey;
158 key_encryptsession_pk (char *remotename, netobj *remotekey,
164 arg.remotename = remotename;
165 arg.remotekey = *remotekey;
166 arg.deskey = *deskey;
167 if (!key_call ((u_long) KEY_ENCRYPT_PK, (xdrproc_t) INTUSE(xdr_cryptkeyarg2),
168 (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
172 if (res.status != KEY_SUCCESS)
174 debug ("encrypt status is nonzero");
177 *deskey = res.cryptkeyres_u.deskey;
182 key_decryptsession_pk (char *remotename, netobj *remotekey,
188 arg.remotename = remotename;
189 arg.remotekey = *remotekey;
190 arg.deskey = *deskey;
191 if (!key_call ((u_long) KEY_DECRYPT_PK, (xdrproc_t) INTUSE(xdr_cryptkeyarg2),
192 (char *) &arg, (xdrproc_t) INTUSE(xdr_cryptkeyres),
196 if (res.status != KEY_SUCCESS)
198 debug ("decrypt status is nonzero");
201 *deskey = res.cryptkeyres_u.deskey;
206 key_gendes (des_block *key)
208 struct sockaddr_in sin;
213 sin.sin_family = AF_INET;
215 sin.sin_addr.s_addr = htonl (INADDR_LOOPBACK);
216 __bzero (sin.sin_zero, sizeof (sin.sin_zero));
217 socket = RPC_ANYSOCK;
218 client = INTUSE(clntudp_bufcreate) (&sin, (u_long) KEY_PROG,
219 (u_long) KEY_VERS, trytimeout, &socket,
220 RPCSMALLMSGSIZE, RPCSMALLMSGSIZE);
224 stat = clnt_call (client, KEY_GEN, (xdrproc_t) INTUSE(xdr_void), NULL,
225 (xdrproc_t) INTUSE(xdr_des_block), (caddr_t) key,
227 clnt_destroy (client);
229 if (stat != RPC_SUCCESS)
236 key_setnet (struct key_netstarg *arg)
240 if (!key_call ((u_long) KEY_NET_PUT, (xdrproc_t) INTUSE(xdr_key_netstarg),
241 (char *) arg,(xdrproc_t) INTUSE(xdr_keystatus),
245 if (status != KEY_SUCCESS)
247 debug ("key_setnet status is nonzero");
254 key_get_conv (char *pkey, des_block *deskey)
258 if (!key_call ((u_long) KEY_GET_CONV, (xdrproc_t) INTUSE(xdr_keybuf), pkey,
259 (xdrproc_t) INTUSE(xdr_cryptkeyres), (char *) &res))
262 if (res.status != KEY_SUCCESS)
264 debug ("get_conv status is nonzero");
267 *deskey = res.cryptkeyres_u.deskey;
272 * Hack to allow the keyserver to use AUTH_DES (for authenticated
273 * NIS+ calls, for example). The only functions that get called
274 * are key_encryptsession_pk, key_decryptsession_pk, and key_gendes.
276 * The approach is to have the keyserver fill in pointers to local
277 * implementations of these functions, and to call those in key_call().
280 cryptkeyres *(*__key_encryptsession_pk_LOCAL) (uid_t, char *);
281 cryptkeyres *(*__key_decryptsession_pk_LOCAL) (uid_t, char *);
282 des_block *(*__key_gendes_LOCAL) (uid_t, char *);
287 key_call_keyenvoy (u_long proc, xdrproc_t xdr_arg, char *arg,
288 xdrproc_t xdr_rslt, char *rslt)
294 sigset_t oldmask, mask;
300 static const char MESSENGER[] = "/usr/etc/keyenvoy";
304 sigaddset (&mask, SIGCHLD);
305 __sigprocmask (SIG_BLOCK, &mask, &oldmask);
308 * We are going to exec a set-uid program which makes our effective uid
309 * zero, and authenticates us with our real uid. We need to make the
310 * effective uid be the real uid for the setuid program, and
311 * the real uid be the effective uid so that we can change things back.
315 __setreuid (euid, ruid);
316 pid = _openchild (MESSENGER, &fargs, &frslt);
317 __setreuid (ruid, euid);
320 debug ("open_streams");
321 __sigprocmask (SIG_SETMASK, &oldmask, NULL);
324 xdrstdio_create (&xdrargs, fargs, XDR_ENCODE);
325 xdrstdio_create (&xdrrslt, frslt, XDR_DECODE);
327 if (!INTUSE(xdr_u_long) (&xdrargs, &proc) || !(*xdr_arg) (&xdrargs, arg))
334 if (success && !(*xdr_rslt) (&xdrrslt, rslt))
342 if (__wait4 (pid, &status, 0, NULL) < 0)
347 if (errno == ECHILD || errno == ESRCH)
353 if (status.w_retcode)
358 __sigprocmask (SIG_SETMASK, &oldmask, NULL);
364 struct key_call_private {
365 CLIENT *client; /* Client handle */
366 pid_t pid; /* process-id at moment of creation */
367 uid_t uid; /* user-id at last authorization */
369 #ifdef _RPC_THREAD_SAFE_
370 #define key_call_private_main ((struct key_call_private *)RPC_THREAD_VARIABLE(key_call_private_s))
372 static struct key_call_private *key_call_private_main;
374 __libc_lock_define_initialized (static, keycall_lock)
377 * Keep the handle cached. This call may be made quite often.
380 getkeyserv_handle (int vers)
382 struct key_call_private *kcp = key_call_private_main;
383 struct timeval wait_time;
385 struct sockaddr_un name;
386 int namelen = sizeof(struct sockaddr_un);
388 #define TOTAL_TIMEOUT 30 /* total timeout talking to keyserver */
389 #define TOTAL_TRIES 5 /* Number of tries */
391 if (kcp == (struct key_call_private *)NULL)
393 kcp = (struct key_call_private *)malloc (sizeof (*kcp));
394 if (kcp == (struct key_call_private *)NULL)
395 return (CLIENT *) NULL;
397 key_call_private_main = kcp;
401 /* if pid has changed, destroy client and rebuild */
402 if (kcp->client != NULL && kcp->pid != __getpid ())
404 clnt_destroy (kcp->client);
408 if (kcp->client != NULL)
410 /* if other side closed socket, build handle again */
411 clnt_control (kcp->client, CLGET_FD, (char *)&fd);
412 if (__getpeername (fd,(struct sockaddr *)&name,&namelen) == -1)
414 auth_destroy (kcp->client->cl_auth);
415 clnt_destroy (kcp->client);
420 if (kcp->client != NULL)
422 /* if uid has changed, build client handle again */
423 if (kcp->uid != __geteuid ())
425 kcp->uid = __geteuid ();
426 auth_destroy (kcp->client->cl_auth);
427 kcp->client->cl_auth =
428 INTUSE(authunix_create) ((char *)"", kcp->uid, 0, 0, NULL);
429 if (kcp->client->cl_auth == NULL)
431 clnt_destroy (kcp->client);
433 return ((CLIENT *) NULL);
436 /* Change the version number to the new one */
437 clnt_control (kcp->client, CLSET_VERS, (void *)&vers);
441 if ((kcp->client == (CLIENT *) NULL))
442 /* Use the AF_UNIX transport */
443 kcp->client = INTUSE(clnt_create) ("/var/run/keyservsock", KEY_PROG, vers,
446 if (kcp->client == (CLIENT *) NULL)
447 return (CLIENT *) NULL;
449 kcp->uid = __geteuid ();
450 kcp->pid = __getpid ();
451 kcp->client->cl_auth = INTUSE(authunix_create) ((char *)"", kcp->uid, 0, 0,
453 if (kcp->client->cl_auth == NULL)
455 clnt_destroy (kcp->client);
457 return (CLIENT *) NULL;
460 wait_time.tv_sec = TOTAL_TIMEOUT/TOTAL_TRIES;
461 wait_time.tv_usec = 0;
462 clnt_control (kcp->client, CLSET_RETRY_TIMEOUT,
464 if (clnt_control (kcp->client, CLGET_FD, (char *)&fd))
465 __fcntl (fd, F_SETFD, 1); /* make it "close on exec" */
470 /* returns 0 on failure, 1 on success */
473 key_call_socket (u_long proc, xdrproc_t xdr_arg, char *arg,
474 xdrproc_t xdr_rslt, char *rslt)
477 struct timeval wait_time;
480 __libc_lock_lock (keycall_lock);
481 if ((proc == KEY_ENCRYPT_PK) || (proc == KEY_DECRYPT_PK) ||
482 (proc == KEY_NET_GET) || (proc == KEY_NET_PUT) ||
483 (proc == KEY_GET_CONV))
484 clnt = getkeyserv_handle(2); /* talk to version 2 */
486 clnt = getkeyserv_handle(1); /* talk to version 1 */
490 wait_time.tv_sec = TOTAL_TIMEOUT;
491 wait_time.tv_usec = 0;
493 if (clnt_call (clnt, proc, xdr_arg, arg, xdr_rslt, rslt,
494 wait_time) == RPC_SUCCESS)
498 __libc_lock_unlock (keycall_lock);
504 /* returns 0 on failure, 1 on success */
507 key_call_door (u_long proc, xdrproc_t xdr_arg, char *arg,
508 xdrproc_t xdr_rslt, char *rslt)
517 if ((fd = open("/var/run/keyservdoor", O_RDONLY)) < 0)
521 data_len = xdr_sizeof (xdr_arg, arg);
522 data_ptr = calloc (1, data_len + 2 * sizeof (u_long));
523 if (data_ptr == NULL)
526 INTUSE(xdrmem_create) (&xdrs, &data_ptr[2 * sizeof (u_long)], data_len,
528 if (!xdr_arg (&xdrs, arg))
536 memcpy (data_ptr, &proc, sizeof (u_long));
537 memcpy (&data_ptr[sizeof (proc)], &data_len, sizeof (u_long));
539 args.data_ptr = data_ptr;
540 args.data_size = data_len + 2 * sizeof (u_long);
541 args.desc_ptr = NULL;
544 args.rsize = sizeof (res);
546 ret = __door_call (fd, &args);
553 memcpy (&data_len, args.data_ptr, sizeof (u_long));
557 memcpy (&data_len, &args.data_ptr[sizeof (u_long)], sizeof (u_long));
558 INTUSE(xdrmem_create) (&xdrs, &args.data_ptr[2 * sizeof (u_long)],
559 data_len, XDR_DECODE);
560 if (!xdr_rslt (&xdrs, rslt))
571 /* returns 0 on failure, 1 on success */
574 key_call (u_long proc, xdrproc_t xdr_arg, char *arg,
575 xdrproc_t xdr_rslt, char *rslt)
578 static int use_keyenvoy;
581 static int not_use_doors;
584 if (proc == KEY_ENCRYPT_PK && __key_encryptsession_pk_LOCAL)
587 res = (*__key_encryptsession_pk_LOCAL) (__geteuid (), arg);
588 *(cryptkeyres *) rslt = *res;
591 else if (proc == KEY_DECRYPT_PK && __key_decryptsession_pk_LOCAL)
594 res = (*__key_decryptsession_pk_LOCAL) (__geteuid (), arg);
595 *(cryptkeyres *) rslt = *res;
598 else if (proc == KEY_GEN && __key_gendes_LOCAL)
601 res = (*__key_gendes_LOCAL) (__geteuid (), 0);
602 *(des_block *) rslt = *res;
609 if (key_call_door (proc, xdr_arg, arg, xdr_rslt, rslt))
616 return key_call_socket (proc, xdr_arg, arg, xdr_rslt, rslt);
620 if (key_call_socket (proc, xdr_arg, arg, xdr_rslt, rslt))
624 return key_call_keyenvoy (proc, xdr_arg, arg, xdr_rslt, rslt);
628 #ifdef _RPC_THREAD_SAFE_
630 __rpc_thread_key_cleanup (void)
632 struct key_call_private *kcp = RPC_THREAD_VARIABLE(key_call_private_s);
636 clnt_destroy(kcp->client);
640 #endif /* _RPC_THREAD_SAFE_ */