1999-10-27 03:42:43 +00:00
|
|
|
/*
|
2000-09-16 02:29:08 +00:00
|
|
|
* Copyright (c) 1999 Dug Song. All rights reserved.
|
2000-04-16 01:18:38 +00:00
|
|
|
*
|
2000-09-16 02:29:08 +00:00
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
|
|
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
|
|
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
|
|
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
|
|
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
|
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
|
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
|
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
|
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
1999-11-24 13:26:21 +00:00
|
|
|
*/
|
1999-10-27 03:42:43 +00:00
|
|
|
|
|
|
|
#include "includes.h"
|
2000-04-29 13:57:08 +00:00
|
|
|
#include "uuencode.h"
|
1999-10-27 03:42:43 +00:00
|
|
|
|
2000-09-16 02:29:08 +00:00
|
|
|
RCSID("$OpenBSD: radix.c,v 1.13 2000/09/07 20:27:52 deraadt Exp $");
|
2000-06-23 00:16:38 +00:00
|
|
|
|
1999-10-27 03:42:43 +00:00
|
|
|
#ifdef AFS
|
|
|
|
#include <krb.h>
|
|
|
|
|
|
|
|
typedef unsigned char my_u_char;
|
|
|
|
typedef unsigned int my_u_int32_t;
|
|
|
|
typedef unsigned short my_u_short;
|
|
|
|
|
|
|
|
/* Nasty macros from BIND-4.9.2 */
|
|
|
|
|
|
|
|
#define GETSHORT(s, cp) { \
|
|
|
|
register my_u_char *t_cp = (my_u_char*)(cp); \
|
|
|
|
(s) = (((my_u_short)t_cp[0]) << 8) \
|
|
|
|
| (((my_u_short)t_cp[1])) \
|
|
|
|
; \
|
|
|
|
(cp) += 2; \
|
|
|
|
}
|
|
|
|
|
|
|
|
#define GETLONG(l, cp) { \
|
|
|
|
register my_u_char *t_cp = (my_u_char*)(cp); \
|
|
|
|
(l) = (((my_u_int32_t)t_cp[0]) << 24) \
|
|
|
|
| (((my_u_int32_t)t_cp[1]) << 16) \
|
|
|
|
| (((my_u_int32_t)t_cp[2]) << 8) \
|
|
|
|
| (((my_u_int32_t)t_cp[3])) \
|
|
|
|
; \
|
|
|
|
(cp) += 4; \
|
|
|
|
}
|
|
|
|
|
|
|
|
#define PUTSHORT(s, cp) { \
|
|
|
|
register my_u_short t_s = (my_u_short)(s); \
|
|
|
|
register my_u_char *t_cp = (my_u_char*)(cp); \
|
|
|
|
*t_cp++ = t_s >> 8; \
|
|
|
|
*t_cp = t_s; \
|
|
|
|
(cp) += 2; \
|
|
|
|
}
|
|
|
|
|
|
|
|
#define PUTLONG(l, cp) { \
|
|
|
|
register my_u_int32_t t_l = (my_u_int32_t)(l); \
|
|
|
|
register my_u_char *t_cp = (my_u_char*)(cp); \
|
|
|
|
*t_cp++ = t_l >> 24; \
|
|
|
|
*t_cp++ = t_l >> 16; \
|
|
|
|
*t_cp++ = t_l >> 8; \
|
|
|
|
*t_cp = t_l; \
|
|
|
|
(cp) += 4; \
|
|
|
|
}
|
|
|
|
|
|
|
|
#define GETSTRING(s, p, p_l) { \
|
|
|
|
register char* p_targ = (p) + p_l; \
|
|
|
|
register char* s_c = (s); \
|
|
|
|
register char* p_c = (p); \
|
|
|
|
while (*p_c && (p_c < p_targ)) { \
|
|
|
|
*s_c++ = *p_c++; \
|
|
|
|
} \
|
|
|
|
if (p_c == p_targ) { \
|
|
|
|
return 1; \
|
|
|
|
} \
|
|
|
|
*s_c = *p_c++; \
|
|
|
|
(p_l) = (p_l) - (p_c - (p)); \
|
|
|
|
(p) = p_c; \
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2000-04-16 01:18:38 +00:00
|
|
|
int
|
- Remove references to SSLeay.
- Big OpenBSD CVS update
- markus@cvs.openbsd.org
[clientloop.c]
- typo
[session.c]
- update proctitle on pty alloc/dealloc, e.g. w/ windows client
[session.c]
- update proctitle for proto 1, too
[channels.h nchan.c serverloop.c session.c sshd.c]
- use c-style comments
- deraadt@cvs.openbsd.org
[scp.c]
- more atomicio
- markus@cvs.openbsd.org
[channels.c]
- set O_NONBLOCK
[ssh.1]
- update AUTHOR
[readconf.c ssh-keygen.c ssh.h]
- default DSA key file ~/.ssh/id_dsa
[clientloop.c]
- typo, rm verbose debug
- deraadt@cvs.openbsd.org
[ssh-keygen.1]
- document DSA use of ssh-keygen
[sshd.8]
- a start at describing what i understand of the DSA side
[ssh-keygen.1]
- document -X and -x
[ssh-keygen.c]
- simplify usage
- markus@cvs.openbsd.org
[sshd.8]
- there is no rhosts_dsa
[ssh-keygen.1]
- document -y, update -X,-x
[nchan.c]
- fix close for non-open ssh1 channels
[servconf.c servconf.h ssh.h sshd.8 sshd.c ]
- s/DsaKey/HostDSAKey/, document option
[sshconnect2.c]
- respect number_of_password_prompts
[channels.c channels.h servconf.c servconf.h session.c sshd.8]
- GatewayPorts for sshd, ok deraadt@
[ssh-add.1 ssh-agent.1 ssh.1]
- more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
[ssh.1]
- more info on proto 2
[sshd.8]
- sync AUTHOR w/ ssh.1
[key.c key.h sshconnect.c]
- print key type when talking about host keys
[packet.c]
- clear padding in ssh2
[dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
- replace broken uuencode w/ libc b64_ntop
[auth2.c]
- log failure before sending the reply
[key.c radix.c uuencode.c]
- remote trailing comments before calling __b64_pton
[auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
[sshconnect2.c sshd.8]
- add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
- Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
2000-05-07 02:03:14 +00:00
|
|
|
creds_to_radix(CREDENTIALS *creds, unsigned char *buf, size_t buflen)
|
1999-10-27 03:42:43 +00:00
|
|
|
{
|
1999-11-24 13:26:21 +00:00
|
|
|
char *p, *s;
|
|
|
|
int len;
|
|
|
|
char temp[2048];
|
|
|
|
|
|
|
|
p = temp;
|
|
|
|
*p++ = 1; /* version */
|
|
|
|
s = creds->service;
|
|
|
|
while (*s)
|
|
|
|
*p++ = *s++;
|
|
|
|
*p++ = *s;
|
|
|
|
s = creds->instance;
|
|
|
|
while (*s)
|
|
|
|
*p++ = *s++;
|
|
|
|
*p++ = *s;
|
|
|
|
s = creds->realm;
|
|
|
|
while (*s)
|
|
|
|
*p++ = *s++;
|
|
|
|
*p++ = *s;
|
|
|
|
|
|
|
|
s = creds->pname;
|
|
|
|
while (*s)
|
|
|
|
*p++ = *s++;
|
|
|
|
*p++ = *s;
|
|
|
|
s = creds->pinst;
|
|
|
|
while (*s)
|
|
|
|
*p++ = *s++;
|
|
|
|
*p++ = *s;
|
|
|
|
/* Null string to repeat the realm. */
|
|
|
|
*p++ = '\0';
|
|
|
|
|
|
|
|
PUTLONG(creds->issue_date, p);
|
|
|
|
{
|
|
|
|
unsigned int endTime;
|
|
|
|
endTime = (unsigned int) krb_life_to_time(creds->issue_date,
|
|
|
|
creds->lifetime);
|
|
|
|
PUTLONG(endTime, p);
|
|
|
|
}
|
|
|
|
|
|
|
|
memcpy(p, &creds->session, sizeof(creds->session));
|
|
|
|
p += sizeof(creds->session);
|
|
|
|
|
|
|
|
PUTSHORT(creds->kvno, p);
|
|
|
|
PUTLONG(creds->ticket_st.length, p);
|
|
|
|
|
|
|
|
memcpy(p, creds->ticket_st.dat, creds->ticket_st.length);
|
|
|
|
p += creds->ticket_st.length;
|
|
|
|
len = p - temp;
|
|
|
|
|
- Remove references to SSLeay.
- Big OpenBSD CVS update
- markus@cvs.openbsd.org
[clientloop.c]
- typo
[session.c]
- update proctitle on pty alloc/dealloc, e.g. w/ windows client
[session.c]
- update proctitle for proto 1, too
[channels.h nchan.c serverloop.c session.c sshd.c]
- use c-style comments
- deraadt@cvs.openbsd.org
[scp.c]
- more atomicio
- markus@cvs.openbsd.org
[channels.c]
- set O_NONBLOCK
[ssh.1]
- update AUTHOR
[readconf.c ssh-keygen.c ssh.h]
- default DSA key file ~/.ssh/id_dsa
[clientloop.c]
- typo, rm verbose debug
- deraadt@cvs.openbsd.org
[ssh-keygen.1]
- document DSA use of ssh-keygen
[sshd.8]
- a start at describing what i understand of the DSA side
[ssh-keygen.1]
- document -X and -x
[ssh-keygen.c]
- simplify usage
- markus@cvs.openbsd.org
[sshd.8]
- there is no rhosts_dsa
[ssh-keygen.1]
- document -y, update -X,-x
[nchan.c]
- fix close for non-open ssh1 channels
[servconf.c servconf.h ssh.h sshd.8 sshd.c ]
- s/DsaKey/HostDSAKey/, document option
[sshconnect2.c]
- respect number_of_password_prompts
[channels.c channels.h servconf.c servconf.h session.c sshd.8]
- GatewayPorts for sshd, ok deraadt@
[ssh-add.1 ssh-agent.1 ssh.1]
- more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
[ssh.1]
- more info on proto 2
[sshd.8]
- sync AUTHOR w/ ssh.1
[key.c key.h sshconnect.c]
- print key type when talking about host keys
[packet.c]
- clear padding in ssh2
[dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
- replace broken uuencode w/ libc b64_ntop
[auth2.c]
- log failure before sending the reply
[key.c radix.c uuencode.c]
- remote trailing comments before calling __b64_pton
[auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
[sshconnect2.c sshd.8]
- add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
- Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
2000-05-07 02:03:14 +00:00
|
|
|
return (uuencode((unsigned char *)temp, len, (char *)buf, buflen));
|
1999-10-27 03:42:43 +00:00
|
|
|
}
|
|
|
|
|
2000-04-16 01:18:38 +00:00
|
|
|
int
|
1999-11-24 13:26:21 +00:00
|
|
|
radix_to_creds(const char *buf, CREDENTIALS *creds)
|
1999-10-27 03:42:43 +00:00
|
|
|
{
|
|
|
|
|
1999-11-24 13:26:21 +00:00
|
|
|
char *p;
|
|
|
|
int len, tl;
|
|
|
|
char version;
|
|
|
|
char temp[2048];
|
|
|
|
|
- Remove references to SSLeay.
- Big OpenBSD CVS update
- markus@cvs.openbsd.org
[clientloop.c]
- typo
[session.c]
- update proctitle on pty alloc/dealloc, e.g. w/ windows client
[session.c]
- update proctitle for proto 1, too
[channels.h nchan.c serverloop.c session.c sshd.c]
- use c-style comments
- deraadt@cvs.openbsd.org
[scp.c]
- more atomicio
- markus@cvs.openbsd.org
[channels.c]
- set O_NONBLOCK
[ssh.1]
- update AUTHOR
[readconf.c ssh-keygen.c ssh.h]
- default DSA key file ~/.ssh/id_dsa
[clientloop.c]
- typo, rm verbose debug
- deraadt@cvs.openbsd.org
[ssh-keygen.1]
- document DSA use of ssh-keygen
[sshd.8]
- a start at describing what i understand of the DSA side
[ssh-keygen.1]
- document -X and -x
[ssh-keygen.c]
- simplify usage
- markus@cvs.openbsd.org
[sshd.8]
- there is no rhosts_dsa
[ssh-keygen.1]
- document -y, update -X,-x
[nchan.c]
- fix close for non-open ssh1 channels
[servconf.c servconf.h ssh.h sshd.8 sshd.c ]
- s/DsaKey/HostDSAKey/, document option
[sshconnect2.c]
- respect number_of_password_prompts
[channels.c channels.h servconf.c servconf.h session.c sshd.8]
- GatewayPorts for sshd, ok deraadt@
[ssh-add.1 ssh-agent.1 ssh.1]
- more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
[ssh.1]
- more info on proto 2
[sshd.8]
- sync AUTHOR w/ ssh.1
[key.c key.h sshconnect.c]
- print key type when talking about host keys
[packet.c]
- clear padding in ssh2
[dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
- replace broken uuencode w/ libc b64_ntop
[auth2.c]
- log failure before sending the reply
[key.c radix.c uuencode.c]
- remote trailing comments before calling __b64_pton
[auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
[sshconnect2.c sshd.8]
- add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
- Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
2000-05-07 02:03:14 +00:00
|
|
|
len = uudecode(buf, (unsigned char *)temp, sizeof(temp));
|
|
|
|
if (len < 0)
|
1999-11-24 13:26:21 +00:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
p = temp;
|
|
|
|
|
|
|
|
/* check version and length! */
|
|
|
|
if (len < 1)
|
|
|
|
return 0;
|
|
|
|
version = *p;
|
|
|
|
p++;
|
|
|
|
len--;
|
|
|
|
|
|
|
|
GETSTRING(creds->service, p, len);
|
|
|
|
GETSTRING(creds->instance, p, len);
|
|
|
|
GETSTRING(creds->realm, p, len);
|
|
|
|
|
|
|
|
GETSTRING(creds->pname, p, len);
|
|
|
|
GETSTRING(creds->pinst, p, len);
|
|
|
|
/* Ignore possibly different realm. */
|
|
|
|
while (*p && len)
|
|
|
|
p++, len--;
|
|
|
|
if (len == 0)
|
|
|
|
return 0;
|
|
|
|
p++, len--;
|
1999-10-27 03:42:43 +00:00
|
|
|
|
1999-11-24 13:26:21 +00:00
|
|
|
/* Enough space for remaining fixed-length parts? */
|
|
|
|
if (len < (4 + 4 + sizeof(creds->session) + 2 + 4))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
GETLONG(creds->issue_date, p);
|
|
|
|
len -= 4;
|
|
|
|
{
|
|
|
|
unsigned int endTime;
|
|
|
|
GETLONG(endTime, p);
|
|
|
|
len -= 4;
|
|
|
|
creds->lifetime = krb_time_to_life(creds->issue_date, endTime);
|
|
|
|
}
|
|
|
|
|
|
|
|
memcpy(&creds->session, p, sizeof(creds->session));
|
|
|
|
p += sizeof(creds->session);
|
|
|
|
len -= sizeof(creds->session);
|
|
|
|
|
|
|
|
GETSHORT(creds->kvno, p);
|
|
|
|
len -= 2;
|
|
|
|
GETLONG(creds->ticket_st.length, p);
|
|
|
|
len -= 4;
|
|
|
|
|
|
|
|
tl = creds->ticket_st.length;
|
|
|
|
if (tl < 0 || tl > len || tl > sizeof(creds->ticket_st.dat))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
memcpy(creds->ticket_st.dat, p, tl);
|
|
|
|
p += tl;
|
|
|
|
len -= tl;
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
}
|
1999-10-27 03:42:43 +00:00
|
|
|
#endif /* AFS */
|